A few of my Facebook friends posted links on Facebook that took anyone who clicked them to malware sites. The link claimed to offer free airline tickets. What makes it even more interesting is that they most likely have no idea they went to a malware site or that they shared the link. So before I get started explaining the issue, I will say this. If it sounds too good to be true, it is. Do not click it. Do not share it. Click jacking
(there are other names, but I like this one) refers to a technique where some snot head (it seemed appropriate to censor the word I wanted to use) gets you to click a link thinking you are going to one place when in reality, it is taking you to something else and/or it is performing other actions that you did not intend to happen. It might add it as a “like” to Facebook or make some post for you that you did not want made. It might be a stupid prank or it might be a malware site.
So here is what happens:
Scenario 1- No real harm
- You see a link on someone’s Facebook offering something free. You click it and are taken to some kind of website that could benign or have malware/viruses.
- You may also see a link to a video. When you get to the page, you have to click the video to show it. Clicking the video (which is really just an image designed to trick you to click it) performs an action due to a Facebook explout.
Something you click on that page is linked to the “like” button that you normally click. Often it is a picture disquised as a video you click to play. What ends up happening is that you share that link to a site on your Facebook page without even knowing it. Often this is just to goof with people and no harm is done. Still it propagates useless links.
Fix: This will probably happen at some time to you. All you do is go back to your wall and delete the post. Also you need to go into your account settings and delete it from your profile. What happens is when you like certain things, it is added to your profile as an interest. So later down the line, someone might click it. Sneaky huh?? Facebook has this feature so that when you like a page of a product, music group, etc, it can more fully expand your profile. Just check it periodically. Scenario 2- You might be toast
This is the scenario I saw this weekend. You click the link for those awesome free airline tickets and it takes you to a website to get them..Sounds cool so far. Problem is this: 1) That site has malware on it. Many sites with malware can automatically mess with your computer and that is serious bad news depending on what it is designed to do. Some antivirus catch this, some do not. 2) It makes a post on Facebook using your name and you unknowingly invite your friends to the slaughter.
Fix: Have a good antivirus installed. I admit I did click the button just to see what the scam was and my free AVG lit up like a Christmas tree blocking it. If you do not have antivirus, you should not be on the Internet or sharing anything with anyone ever. No excuses here. Not having antivirus is irresponsible and asking for trouble especially since you can get quality antivirus protection for free. Get AVG Free
(no affiliation, just one I personally use because it is free and high quality) if you have nothing. I use it over commercial ones and have also used their pay version as well. If you were careless and clicked a link you knew was too good to be true and you received a warning, then immediately check your Facebook page to be sure it did not post for you. Scan your computer as well. Also message the person who had that link and tell them to delete their link to malware.
Facebook is awesome, mostly. Still it is not perfect and you cannot always trust things that your friends post because as you can see, it may not be them.
So the big take away is this:
- Either install antivirus, update regularly, and scan regularly (like daily) or never get on the Internet or share files with anyone.
- Do not click links that sound too good to be true. This take away will not help in all ways as even a picture or video can be link jacked, but it will help somewhat. At least use caution.