Cheryl Crow gets clickjacked

Fans of Cherly Crow, the British pop star and judge of The X-Factor, should watch out for a Facebook post that promises to, um, expose the young singe: the post contains a clickjacked link that will “like” the post and share it with friends.

As far as convincing clickjacks go, this one’s pretty bad. The hackers have taken a picture of Crow getting out of a  car and superimposed a big censored sign, suggesting that she was pulling a “Britney,” as it were, and posted it on a fake BBC web page. Yes, BBC, as in British Broadcasting Corporation, which doesn’t tend to focus a whole lot of celebrity genitalia.

The fake page isn’t very convincing, but it doesn’t need  to be. The damage is done as soon as  you follow the link. Anyone who has clicked on this post can look at their recent activities, where they will find that they liked the post without ever having clicked a like button. This has happened because the hackers used a clickjacking technique to hide an invisible frame that contains a Facebook like button. Even though you never knew that you clicked it, Facebook doesn’t  see the difference.

Hackers have found that this is a convenient way to spread links quickly. The very nature of social networking sites like Facebook means that clickjacked links can spread to thousands of people within a few short hours.

You can protect yourself by only following links that you trust. If you are uncertain of a source’s legitimacy, then do a little research before following the link.

Explore posts in the same categories: Uncategorized

Tags: , , , , , ,

You can comment below, or link to this permanent URL from your own site.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: