Archive for March 2011

10 Stupid Proposals

March 30, 2011

Hang around on Facebook long enough, and you’re going to encounter a few clickjacked links.

Recently, I spotted one that had been passed along by a good friend of mine who is usually pretty tech-savvy. The link promised a video of 10 stupid marriage proposals that guys have used. That actually sounded like something she would have posted, so I clicked on the link.

It didn’t take more than a few seconds to realize that I’d been made a sucker.

The website asked me to fill out a survey before watching the video. Great, I thought. I just got clickjacked. At that point, nothing I did was going to change anything. In fact, I’d probably already been nailed when I reached the page.

I closed out my Web browser, opened another, and logged back on to Facebook. There was all the proof that I needed. My wall now said that I had “liked’ the link, along with the friend who spread it to me.

So, what did I do in this situation.

The very first thing that I want to do is prevent my other friends from following the link, so I immediately posted a wall comment that something along the lines of “don’t follow that stupid link about the marriage proposal. It’s a clickjack.”

Telling my friends, however, isn’t really going to solve the problem. Facebook now has an option that allows you to report spam. Just move your cursor to the upper-right hand corner of your post. A box will appear that gives you the option to report the comment as spam.

Assuming that Facebook is paying attention, taking part in the reporting process should help identify and eliminate clickjacks more quickly.


Don’t Try to Spam My Blog

March 29, 2011

In all seriousness, you have no idea how many spam comments this blog gets on a regular basis. This really makes me question the intelligence of the world’s hackers. I know that a lot of what they do is automated, so they probably don’t even know where their comments show up half the time, but (and this is a really big ol’ but) this whole blog is about clickjacking! Do you really think that I’m going to allow spam comments that contain clickjacks?

The audacity blows my mind.

Most of the comments don’t even have the slightest thing to do with the post. For instance, I recently wrote a post about clickjacked posts focused on the latest Charlie Sheen meltdown antics… and someone tried to place a comment about fake failblog that focused on stupid ways that guys have proposed marriage.

Who falls for this kind of tripe?

Had the spam been somewhat relevant, perhaps I would have allowed it. Hey, I get busy. I don’t always check every little thing that comes my way. It’s possible that a relevant clickjacked comment could get through. But no. There isn’t even enough respect for that. Instead, it’s just a bunch of meaningless, unrelated drivel.

As I’ve stated before, you don’t have to be smart to run a clickjacking scheme. You don’t even have to know much about computers.

I think that, in a way, that’s what really makes me sad. I can tolerate criminals who know their craft. I can’t tolerate morons who just slap any old thing together and hope for the best.

A Whale of a Story: Clickjackers Use Tragedy in Japan to Make Money

March 23, 2011

Although you are probably savvy enough to avoid the average clickjacking scam, you might find that it is tough to draw the distinction between a real news story and a hoax when it comes to a serious tragedy. The tsunami in Japan recently unleashed a torrent of clickjacking attacks that tried to tug at heart strings. As quickly as these videos spread, though, journalists and bloggers followed with warnings.

One, however, seems to have slipped through, possibly because of its unique “content.”

Facebook users might have recently seem a link to a video that claims to show a whale smashing into the side of a building. That’s the kind of image that one would expect to see in a terrible sci-fi movie. The opportunity to see it actually happened caused many people to shut down the critical part of their brains and follow the link.

Of course, they never got to see the whale.

Instead, they anyone who followed the link would have seen what looked like a video player embedded in a web page. Clicking on the “play” button, however, didn’t execute the promised video. Clicking on the button only opened an online survey.

So far, it doesn’t seem that this clickjack attack has caused any serious problems for those who fell for it. Considering that some people inevitably took the quizzes, though, the hackers in charge of this charade undoubtedly made some money.

Many clickjackers use online survey to generate income. Using one that takes advantage of an international tragedy, however, is absolutely heartless.

Japan Crisis Encourages Clickjackers

March 15, 2011

There’s nothing like an international crisis to motivate clickjackers.

The combo hit of earthquake and tsunami, therefore, provided the perfect opportunity for unscrupulous hackers who want to profit from the misery of millions.

What can you do to stop them from taking advantage of this crisis?

Don’t fall victim to their ploys.

Currently, there are lots of clickjack attacks circulating online. While they’re all over social networking sites, they’re also scattered throughout the Internet. Keeping up with them is nearly impossible. Most of these scams just want to trick you into filling out a survey or “liking” a group that you’ve never heard of. Others, however, are a little more nefarious: they send you to websites requesting monetary assistance for the people in Japan.

In other words, they’re stealing money that you want to donate to needy people.

If you have ever read this blog before, then you know how clickjacking attacks work. Use the same skills to avoid these scams:

  • Don’t follow links that promise outrageous pictures or videos
  • Don’t trust wall posts from your friends that seem out of context or character
  • Don’t let your heart get in the way of your brain

When you avoid these clickjacking scammers, you make it harder for them to profit on someone else’s misery. It also means that you can direct your time and resources at the people who need them most.

It’s times like these that you have to really pay attention to what you see on the Internet. Just remember, if it sounds unbelievable, then don’t believe it.

Searching for Spyware Solutions

March 11, 2011

Clickjacking takes advantage of  trust. Not only the trust that you give websites and social networking sites, but the trust that the Internet gives its content.

No matter what kinds of precautions you take, sooner or later that trust could mean that you become a victim of clickjacking. You might not even know it. Sometimes clickjacking victims never figure out why their  computers work so slowly and they keep getting annoying posts on their Facebook walls. They certainly don’t notice that spyware is keeping track of their every move and stealing information from their computers.

That’s why it’s important to find a solution before you ever fall prey to a clickjacking scheme.

If you don’t know much about computer security, then you’ll want to choose an option that does most of the work for you. You don’t even have to spend a lot of money. In fact, many anti-sypware software developers allow people to use basic versions of their programs for free.

That’s how I found Anti-Spyware for Dummies. At first, I wasn’t sure whether it would work well for me or not. Since they offered a free trial version, I decided to give it a shot. Over the course of two weeks, I must have tested over a dozen pieces of software designed to seek out spyware. I keep a lot of important information on my computer (pictures, home movies, and tax information as well as work), so I wanted to choose the best option.

After a couple weeks, I had come to the conclusion that I must be a dummy. The trial version of Anti-Spyware for Dummies had helped my computer more than any other piece of software, so I bought the full version. I haven’t had a serious clickjacking problem since.

I Can’t Believe It; I Don’t Believe It

March 4, 2011

Oh, Justice Beaver, what will your fans do next to win your heart?

Even if you’re not a big fan of Justin Beiber, or The Office for that matter, you might have seen a recent clickjack attack circulating through Facebook.

There have been tons of clickjacking attempts that target Beiber and his teenage admirers. This recent one states “I can’t believe a GIRL did this because of Justin Beiber!” also contains a side view pictures of a girl wearing what might be the world’s shortest skirt.

The temptation here is pretty obvious.

Click on the link, however, and you’re not going to find out what this girl supposedly did, or why her behind played such an integral role. Instead, you’re going to get a heaping spoon of disappointment and a clickjack that spreads the hoax through your Facebook wall.

If you really can’t stop yourself from visiting the Bad Beiber site where the video is supposedly hosted, then at least log out of Facebook. That way you can avoid getting clickjacked.

What’s the problem with a little clickjacking action? Well, first off you’re going to look like an idiot who went to the fake Beiber site for what is obviously a scam. That’s not going to win you any admirers on Facebook. Second, you’ll have to tolerate many of the common side effects of clickjacking: reoccurring wall posts, online surveys, and spam.

As a simple rule, I should point out that if something says “I can’t believe…”, then chances are that you shouldn’t believe it.

(Imagine via: