A researcher at Kaspersky Lab is warning of a new scam that pastes racy photos to victims’ Facebook pages while forcing them to view Web-based advertisements promoted by the scammers.
Writing on the Securelist blog, Kaspersky Lab Expert David Jacoby said that the scam was circulating among Facebook users, offering a link to videos with subjects designed to pique users curiosity with salacious content and other “news of the weird.” Facebook users unlucky enough to try to view the videos are “clickjacked” -forced to watch Web based advertisements, while links to splash pages displaying the ads are posted on their Facebook wall.
Analysis of the attack sites revealed that
the attackers used obfuscated Javascript, making analysis of the actual attack against Facebook hellish. Jacoby said that the scam inovolved multiple domains and around 300 pages – most identical but for the sensational videos promoted. Those include subjects such as “Air Race Plan Crashed in the crowd during a show!” and “A Really Giant Baby! Amazing it looks so real :D”
Victims who click on the ads while logged into Facebook will automatically “like” the attached video and be carried, via Webpage redirect, to a page hosting the clip. The likely motive, Jacoby said, is to generate traffic to the page and money for the scammers.
Clickjacking scams are common on Facebook. They can also be very lucrative for those running them. In November, federal authorities in the U.S. handed down an indctiment that named six Estonian nationals and one Russian in a global clickjacking scam that netted $14 million by redirecting traffic from sites like iTunes and Netflix to Web sites controlled by the scammers.
Facebook users who encounter suspicious posts on their Facebook account or that of friends should use the “spam” reporting feature within Facebook to make the organization aware of the content, Jacoby advised.