Every day new Facebook spam is born. Hardly Facebook can detect and kill them immediately unless a large number of users report the Link. In its lifetime, Out of 100 users who come across it, only 20 people will ignore it. Rest 80 people will unknowingly click through it and fuel the ClickJacking Attack.
It is essential that everyone should know about clickjacking attack.
This leads to SPAM posts on your Facebook timeline and sometimes on your friend’s timeline and the groups you are a member of.
To prevent such kind of embarrassment, “NoScript” comes to the rescue.
The Firefox/Chrome Extension “NoScript” protects users by selectively blocking all the Scripts in a Webpage that might not be Safe.
Besides you are free to allow scripts selectively, on the websites you trust.
Along with clickJacking attacks, NoScript also protects you from XSS Attacks.
XSS (Cross-Site Scripting) vulnerabilities are usually programming errors made by web developers, which allows an attacker to inject his own malicious code from a specific site into a different website.
XSS vulnerabilities can be used, for instance, to steal your authentication credentials and to impersonate you on the victim site. But with “NoScript” installed on your web browser, you need not worry about XSS attacks.
You might also like Sidejacking – Hacking USER Accounts on LAN & WiFi!
Let us see some of the latest clickjacking attacks (Facebook spam)
1. Get FREE $200 Amazon Gift Card!
Another Amazon Gift card scam is luring people across Facebook, and No, it doesn’t use any clickjacking attack. Instead, it just tricks users to share the scam with their friends all by themselves.
Just came across this Facebook post titled “Get FREE $200 Amazon Gift Card”, at first I thought it was genuine since the user had actually shared it by himself and not how normally scams are spread on Facebook (via unknown apps). This got my attention, and I immediately checked the link.
So here is the smart landing page of this Scam. It appears that it is offering a free gift card if you “Share” their page and comment “Thanks” before getting your gift card. If you share it, it posts to your Facebook stream, and other people see it and automatically trust you and click on share as well.
You see how these Scammers are encouraging you to re-share the link and add a Thanksgiving comment before it will allow you to access the allegedly free Amazon gift card.
Once you complete the required steps, you will be taken to another webpage, wherein you will be asked to complete surveys or offers which are affiliated to the Scammers, who in-turn earn cash for every survey or offer you complete and there is no Gift card.
The Amazon gift card scam is very similar to other Facebook scams. First, they require people to like or share the message on Facebook in an attempt to spread the scam.
Second, they direct people to complete a fraudulent survey which extracts personal information such as email addresses, telephone numbers, dates of birth, and credit card numbers.
Lastly, these scams never end with a free gift card or anything that was promised before.
2. Peshawar Attack footage from Inside the School leaked.
Last week we witnessed the most horrific and senseless terrorist attack in Peshawar, Pakistan. ‘The Peshawar school attack’ that claimed over 140 lives, the majority of whom were children. No cause can justify such brutality. No grievance can excuse such horror.
The whole world cried along and condemned the attack. But spammers on the internet are taking advantage of this heinous crime. A new Facebook spam called “Peshawar Attack footage from Inside the School leaked” has been surfacing on Facebook since last week.
This Facebook SPAM is luring users by promising them of showing CCTV footage of the whole attack inside the School. While there were no CCTV cameras installed inside the School, there is no such video showing the entire attack or any footage of the same.
If you happen to come across such posts in your Facebook feed, please do not click on it and make sure you report it to Facebook. When clicked, it will take you to an external page that disguises as a YouTube video player.
If you click the play button, the links of the same will be sent to all your friends and the story will be published on your timeline. Meanwhile, it will install adware on your system as well.
Please be wary of it and inform your friends and family. We share the pains and sufferings of the parents who lost their children and condemned this inhuman act in the strongest possible terms.