Sunday, October 31, 2010

Facebook Clickjacking/Likejacking Removal

Clickjacking or Likejacking

In a clickjacking attack, once the link is clicked, the attack tricks the victim into making a series of additional clicks, which give the attackers the ability to spam the malicious content on the victim's wall; the same cycle then starts with your friends and friends of friends.
Clickjacking may start its attack in many ways through social networking sites, especially Facebook. It will either try to attract the user with appealing one-liners like

"I have never seen someone like this", 

"OMG The World's Worst Mcdonald Customer (Shocking Video and music..see more..)" followed by a shortened link, 

"10 things a girl does before going on her first date" 
"This Girl Has An Interesting Way Of Eating A Banana, Check It Out!"
"OMG This Guy Went A Little Too Far With His Revenge On His GirlFriend"
"101 Hottest Women in the World" with an image of Jessica Alba... and many more.

If the message is in the form of a Facebook application, then it will try to trick you into clicking the four-letter word "LIKE". The danger starts after you click on the Like button and continue. These attackers usually create these Facebook apps with an iframe which they layer invisibly over the Facebook site. That's why it is also sometimes called iFraming or likejacking.
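As an added example (not part of the original post), the sketch below shows how the invisible iframe layer described above can be spotted in a saved page: it walks the HTML and reports every iframe whose effective opacity, including that inherited from wrapper elements, is close to zero. The function names, the 0.1 threshold and the sample URLs are assumptions made for illustration, and only inline `style` attributes are inspected, so transparency applied through stylesheets or scripts is not covered.

```python
import math
import re
from html.parser import HTMLParser

VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input", "link", "meta", "source", "wbr"}
CSS_OPACITY = re.compile(r"(?:^|;)\s*opacity\s*:\s*(\d*\.?\d+)")
IE_OPACITY = re.compile(r"alpha\(\s*opacity\s*=\s*(\d+)")  # legacy IE filter syntax

def opacity_of(style):
    """Opacity declared in an inline style attribute; 1.0 when none is declared."""
    style = (style or "").lower()
    css, ie = CSS_OPACITY.search(style), IE_OPACITY.search(style)
    if css:
        return float(css.group(1))
    return int(ie.group(1)) / 100 if ie else 1.0

class HiddenFrameFinder(HTMLParser):
    def __init__(self, threshold):
        super().__init__()
        self.threshold = threshold
        self.stack = []      # (tag, opacity) for every open ancestor element
        self.findings = []   # (iframe src, effective opacity)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        own = opacity_of(a.get("style"))
        if tag == "iframe":
            effective = own * math.prod(o for _, o in self.stack)  # opacity multiplies down the tree
            if effective <= self.threshold:
                self.findings.append((a.get("src") or "", round(effective, 3)))
        if tag not in VOID:
            self.stack.append((tag, own))

    def handle_endtag(self, tag):
        for i in range(len(self.stack) - 1, -1, -1):   # tolerate unclosed tags
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def find_hidden_iframes(html, threshold=0.1):
    finder = HiddenFrameFinder(threshold)
    finder.feed(html)
    return finder.findings

# Constructed sample page; the URLs are placeholders, not real endpoints.
SAMPLE_PAGE = """
<div style="position:absolute; opacity:0"><iframe src="https://social.example/like?page=1"></iframe></div>
<iframe style="filter: alpha(opacity=0)" src="https://social.example/like?page=2"></iframe>
<iframe src="https://video.example/player" style="opacity: 1"></iframe>"""
```

Calling `find_hidden_iframes(SAMPLE_PAGE)` returns the two transparent frames and leaves the visible video player out.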

These clickjackers haven't done anything very dangerous, but they can easily open backdoors for password-stealing Trojans and other malware.

How to Know if I Am Clickjacked

Keep checking your profile wall. If you see that messages with links are being sent out automatically from your profile to your friends, then you can be sure that you are clickjacked. Also check your "like" pages for applications and fan pages that you never joined. If not removed, this clickjacking may start collecting your personal and private information, which leads to identity theft.
Clickjacks succeed because people tend to trust information given to them on social networking sites, especially if it appears to have won the approval of several friends.

So the one and only advice to prevent this from happening:

- Don't click on suspicious links, even if they've been sent or posted by friends.
- Users should ignore requests from people they don't know.
- You should stay informed of Facebook's privacy settings and the changes they undergo.

How to Remove Clickjacking Attacks

Step 1: If you have already clicked on a link resulting in an addition to the "Likes and Interests" section of your profile, you can edit your "Likes and Interests" field by clicking "Edit My Profile" underneath your profile picture. Then, select "Likes and Interests" from the left column menu.

Step 2: Delete the page from your News Feed, usually under Recent Activity.

Step 3: Report it on the Facebook Security Page:

Step 4: Search for Defensio Social Web Security in Facebook and join the Defensio fan page. (You will have to trust these applications and allow them to access your private data. :-) Don't worry, these are genuine apps.)

The advantage of joining Defensio Social Web Security is that every time you make a mistake and click on an unwanted link, it will warn you and ask you to remove it.

Step 5: Run a scan using your anti-virus or download this tool and run a full scan.

Step 6: After running the scan, follow the instructions and then restart the computer. Log on to your Facebook profile and send messages to your friends telling them to avoid the mistake you made.
