Web Hosting Security

  Home arrow Web Hosting Security arrow FaceBook Scam Strikes Again
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
  >>> SIGN UP!  
  Lost Password? 

FaceBook Scam Strikes Again
By: wubayou
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 1

    Table of Contents:

    Rate this Article: Poor Best 
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article



    Online hackers often find a variety of ways to entice unsuspecting victims to fall into their traps. Just last week, one such instance happened on Facebook, where a scam developed that used “Cheerleaders Gone Wild” as its disguise. Although Facebook's team caught on to the fiasco rather quickly, there is little doubt that the promise of naughty cheerleaders was too much for some of the social networking site's members to pass up.

    It was reported that the affected Facebook accounts had messages posted with the title "Cheerleaders gone wild - have to see this." A photo of an attractive cheerleader accompanied the message.  A link that supposedly led to a wild video of cheerleaders was also offered, and clicking on the link led to a Security Check window that warned users of the video's content and that they must confirm that they were at least 18 years old to view it. 

    This was followed by a phony anti-spam window that told users to click buttons 1, 2, and 3 and then click submit. Once the user did this, their account was labeled as liking the Cheerleaders Gone Wild page in addition to liking "Free ringtones every day" and "Funniest Videos on the Web" pages. Although the users themselves did not actually click that they liked these pages, this was transmitted via their newsfeed and made public.

    The Cheerleaders Gone Wild scam was an example of clickjacking. Clickjacking, as the name might suggest, is when a click on a web page gets hijacked. This usually happens with the victim not even knowing that their click was redirected to something other than what they originally intended. 

    Hackers can clickjack by creating iFrames. An iFrame allows the hackers to split browser windows into different parts. From there, the hacker can insert a code into the specific area of the web page they desire. This code is invisible to the victim, and once they click on the part of the web page that has been compromised, the hacking attack can begin. Hackers usually tend to insert the clickjacking codes on links that seem harmless.

    Once a clickjacking takes place, the hacker can do a variety of malicious things.  For example, they could redirect you to a page with an embedded virus. They could trick you into making an online purchase, even though you clicked on a link or button to cancel or decline. Worse, they might even be able to trick you into turning on your computer's webcam so they can spy on you. Although these examples may seem extreme, the fact that clickjacking is so hard to detect makes them possible.

    There are a few safeguards that can be practiced to protect yourself from clickjacking. In the case of social networking sites and the like, such as Facebook and Twitter, make it a common habit to log out of them after each session. As long as you are logged out, the likelihood of attacks are lessened. 

    If you use Internet Explorer, disable JavaScript. Firefox users are better off, and they can use the NoScript add-on. NoScript has a ClearClick feature that counteracts clickjacking, and the add-on also allows users to block scripts selectively. The best tip, however, is to avoid clicking on links that seem suspicious or out of the ordinary.

    For more on this topic, visit http://news.cnet.com/8301-27080_3-20015975-245.html?tag=mncol;title

    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

    More Web Hosting Security Articles
    More By wubayou


    - For Online Security, Invest in People
    - World`s Third-Largest Botnet Bites the Dust
    - Yahoo Security Breach Highlights Poor Practi...
    - How to Prevent Mobile Malware
    - FBI Issues Internet Security for Travelers a...
    - More of the Top Internet Scams
    - How to Stop Phishing Scams
    - Social Networking Safety Tips
    - How to Avoid Financial Fraud Online
    - Android`s Most Notorious Trojans and Viruses
    - GFI Report Details Top 10 Threat Detections ...
    - Sophos Releases Security Threat Report 2012
    - Facebook Safety Tips for 2012
    - Email Scam Hits Apple Users
    - Tips for Mobile Security

    Developer Shed Affiliates


    © 2003-2019 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap