Facebook 'Likejacking' Attack: Do Not Click on 'Paramore N-a-k-ed Photo Leaked!'Scam

We recently reported that hackers were spreading a dangerous worm through Facebook's 'Like' feature and now a new clickjacking scam is tricking users into ‘liking’ a page that has the message "Paramore n-a-k-ed photo leaked".

You may have heard of 'clickjacking' scams in the past which are instances when a cybercriminal tricks web users into performing an undesired click on a concealed link. Usually during an ideal clickjacking attack, a computer user thinks that they are clicking on a visible button but are actually clicking on a hidden link that redirects them to a malicious web page.

In the recent 'likejacking' scam on Facebook, users are presented with a message reading: "paramour n-a-k-ed photo leaked" as shown in Figure 1. below. The link claims to point to a site that contains a naked photo of the rock band Paramour's lead singer, Hayley Williams. Not only will users be disappointed to not find the naked photo, but they will be offered to click on a message saying "Click here to continue if you are 18 years of age or above" which is essentially a hidden link, or invisible iframe, telling Facebook that you 'like' this link. Clicking on the message will automatically publish the same link on the victims Facebook wall potentially allowing friends to click on it.

Figure 1. Likejacked Paramore n-a-k-ed photo leaked malicious link.

It is getting rather redundant to keep hearing all of the Facebook privacy issues and cyber attacks in the recent months. The fact remains, Facebook users are a prime target for hackers and cybercrooks. The recent 'likejacking' attacks are just a few examples of the dangers of using the social network Facebook.

Have you taken control of your Facebook privacy settings? Are you a victim of clickjacking or likejacking? With Facebook quickly approaching near 500 million users it is essential that you check your privacy settings and stay abreast of the latest attacks. We will continue to give you updates and alerts on the latest security news in addition to Facebook and social networking issues. Remember, do not click on a link that says "paramour n-a-k-ed photo leaked" under any circumstances.