Even though likejacking (a type of clickjack attack that uses Facebook’s “like” option to spread malware) has become a popular topic, many people are still using Fb as if the problem doesn’t actually exist. To some extent, it’s kind of hard to blame them. After all, I’ll be the first, but hardly the only, person to tell you that it’s really difficult to create a browser plug in that will detect and prevent every single clickjack.
Those who are leaving it up to fate also point out that likejacks haven’t really caused too many problems. More so than anything, they’ve just been annoying wall posts that tick you off. That’s hardly worse than a prank than some 12-year-old kid down the street might pull on. It’s similar to posting an offensive sign in your yard. Yeah, it pisses you off, but you’re not going to call the cops about it.
I understand this position, but I think that it’s very dangerous. I want to point out that likejack attacks haven’t caused any significant problems SO FAR. That does not in any way, though, mean that they will continue in this way. It would be so easy for someone to alter these attacks for nefarious purposes. They could infect your computer with keylogging software that steals your passwords; viruses that gather personal information that hackers can use to steal your identity; and a host of other invasive software that will, at the very least, slow down your computer and eat up your broadband connection.
The fact is that these attacks could become very serious. I don’t want to sound like I’m constantly screaming the same thing over and over, but we’ve gotten lucky so far. And that luck can’t hold out forever. Give it time and a likejack will cause serious problems. Maybe that’s what it will take for Facebook to get serious about finding a solution.