Coke clickjacking scam targets Facebook

By Staff Writer, ITWeb
Johannesburg, 16 Jul 2010

Security firm Sophos warns Facebook users to avoid a rapidly spreading clickjacking scam that poses as a link to a 'horrific video' about Coca Cola.

Clickjacking is a technique used to trick people into revealing confidential information or to take control of a remote PC, after its owner has clicked on a seemingly harmless Web page.

The company says the scam differs from previous clickjacking attacks, as it cons users into sharing the link manually, many times with their Facebook contacts.

The message preceding the link reads as follows: 'I am part of the 98.0% of people that are NEVER gonna drink Coca Cola again after this HORRIFIC video -->'.

Users who click the link are directed to a page that is supposed to show a video. However, an error message is displayed, telling the users they must share the video content several times before the clip can be viewed. Once they have done this, a survey page requesting all sorts of personal information pops up.

"It's always amazing that people will go to such great lengths to watch a video from a source they know nothing about," says Brett Myroff, CEO of regional Sophos distributor, Sophos SA.

"With clickjacking, users unwillingly 'liked' a Web page or a video automatically if they clicked on a link that they saw on a friend's wall. With this Coca Cola scam, users are actively sharing the post numerous times and then they're volunteering personal information - all because the temptation to see a video is too much to resist."

He adds that users are in the dark as to how their personal information may be used, and that only the scammers behind the attack will benefit. "Facebook users need to wise up to the of outside threats to control the spread of attacks such as these on social sites," he says.

Myroff advises Facebook users that have been affected to view the recent activity on their news feed and delete entries related to the offending links. He says they should also remove any offending pages from the 'likes and interests' section on their profile.
