Mundolike Clickjack – Me No Like

Beware of a new clickjacking attack spreading through Facebook. This one spreads like so many other clickjacks: through user wall posts. This particular attack is recognizable by the post “Usted debe ver esta película!” along with a lude picture meant to convince you to follow the link. When you follow the link, it directs you to a page on that contains a video. There’s nothing sexy about it, though. When you click play, you get a video of a prank that involves throwing mannequin heads at unsuspecting people. It’s not even funny.

What else do you get?

Our old friend the clickjack. The video’s play button covers a Facebook”like” button. When you press play, you spread the clickjack through your Facebook wall by unintentionally posting the link.

This clickjack could trick you even if you sign out of Facebook before visiting the mundolike page. If you have signed out, then the page will redirect you to the standard Facebook log in page. When you sign in, it automatically posts the clickjack to your wall.

So much for trying to outsmart this clickjack.

It doesn’t seem that anything truly malicious happens when you fall for this scam. It just makes a fool out of you by using your wall to spread to other people. Some clickjack attacks, however, steal passwords and other private information. You can’t be too careful. If you have fallen victim to this clickjack attack, then remove it from your wall and change your password to make sure your account is safe.



Explore posts in the same categories: Uncategorized

Tags: , , , , , , , ,

You can comment below, or link to this permanent URL from your own site.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: