One more clickjacking Facebook attack – “First Exposure: iPhone 5” scam.

Few weeks back it was Bin Laden execution video scam on Facebook and now its “First Exposure: iPhone 5” scam that is going around. Facebook users are fooled into automatically spreading spam by clicking on what looks like a link to a hot topic news titled as “First Exposure: iPhone 5”.

This new scam is exploiting people’s interest in the next generation of iPhone. Facebook users may see some of their fiends comment on a link that looks like a news about iPhone 5. Actually link takes you to the website “greatlakesnews. info” and from there different webpages open into the browser. First a webpage that has a captcha window asking user to verify a word, this is to make sure that the link is not being scanned by some automated bot or anti-malware scanner. Once the user enters the captcha in the window and it verifies that the user is not a bot but a human being it immediately posts a message to all your friends indicating that you have commented on the news and provides all your friends with a bogus iPhone 5 news link. It further takes you to different websites that market different products and display various advertisements.

Social Media like Facebook has made it very easy for such clickjacking attacks as it is very difficult to identify genuine links posted by the friend circle and that by a clickjacking attack. The very important change here is the captcha window which is trying to avoid automated antimalware scan as legitimate sites do not really make you prove that you are a human to read the news articles.

My recommendation is avoid reading the “First Exposure: iPhone 5” article posted on Facebook.

 

Sanjay Katkar

Sanjay Katkar


No Comments, Be The First!

Your email address will not be published.

CAPTCHA Image