Can I get clickjacked on Facebook?

There has been some recent discussion and confusion about whether it is possible to get clickjacked while on a Facebook page. A lot of this comes from a misunderstanding of Facebook’s individual functions and which pages/applications are actually on Fb.

Some rumors state that you can get a worm by “liking” a group with a clickjacked link.

Although I can’t say that this is completely impossible, it does seem a little unlikely to me. Facebook has been hit with at least four clickjacking attacks this month, but I’m not aware of any that have actually occurred with a group’s “like” button. more often than not, the clickjacks come from links that lead users away from Facebook. The problem seems to be that a lot of people don’t know where Facebook stops and where it ends.

This isn’t to say that everything on Fb is safe. That’s certainly not true. Social networking is an easy way for hackers to spread viruses and clickjack attacks, so they’ve used their resources to develop new methods that take advantages of even the smallest security threats on web sites like Facebook and Myspace.

By and large, though, Fb has been very responsive to links that send members to clickjacked pages.

Facebook also uses framebusting techniques that should make it very difficult for someone to clickjack one of the company’s own pages. Again, it’s not necessarily impossible. But I do think that it’s pretty unlikely despite some reports that have been going around IT security sites today.

Advertisements
Explore posts in the same categories: Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: