[FSec] Whatever Happened to Facebook Likejacking?

Back in 2010, Facebook likejacking (a social engineering technique of tricking people into posting a Facebook status update) was a trending problem. So, whatever happened to likejacking scams and spam? Well, Facebook beefed up its security — and the trend significantly declined, at least when compared to peak 2010 numbers.

But you can't keep a good spammer down. Can't beat them? Join them.

Today, some of the same junk which was spread via likejacking… is now spread via Facebook Advertising.

WhateverHappened2Likejacking_01.png


The top middle thumbnail above is some kind of malformed egg. Typical click-bait.

The ad links to a Page with localized campaigns. Note the "Ca" and the "Fi".

WhateverHappened2Likejacking_02.png


The landing page uses an "app" trick to automatically redirect to a spam campaign:

WhateverHappened2Likejacking_03.png


We're pretty sure such tricks are a violation of Facebook's ToS. But so far, Facebook hasn't reacted to the sample we sent them.

Apparently.

Some of the spam campaigns are not exactly "safe for work" depending on the source ads:

WhateverHappened2Likejacking_04.png


Also a concern: some of the ads appear to be linked to compromised websites. The spammers may not even be paying for these ads.

Are you judged by the company you keep?

That's probably a question legitimate brands with a Facebook presence should be asking themselves.
On 04/09/13 At 12:56 PM
