Freely subscribe to our NEWSLETTER

Zscaler ThreatLabZ has seen the number of Likejacking attacks grow to become the most common social engineering threat encountered on Facebook today, with unsuspecting users and their friends falling victim daily. Likejacking is a form of Clickjacking, which causes people to be surreptitiously tricked into clicking one or more hidden links on a web page. With Likejacking, attackers exploit the Facebook “Like” button and other widgets – including the latest announced “Listened,” “Watched” and “Read” gestures, game “Challenge” button, and even the “Dislike” button if implemented – by getting people to click them. The “Like” buttons are often hidden transparently behind a “Play” or other button, causing you to click without knowing that you just unintentionally “Liked” something; this causes the content to appear in your friends’ News Feeds with a link back to the “Liked” website. The result, as you can imagine, is that it can spread virally very quickly from network to network, enabling the attacker to spread malicious links, propagate spam and conduct other types of social engineering attacks.

“Our findings are consistent with other security researchers, who estimate that approximately 15 percent of Facebook videos alone are, in fact, Likejacking attacks,” said Julien Sobrier, senior researcher, Zscaler ThreatLabZ, and developer of the new Zscaler Likejacking Prevention tool. “In 2010, for example, hundreds of thousands of Facebook users fell victim to a single scheme alone.”

Sobrier continued: “Attackers are constantly developing and engineering new tactics and, unfortunately, traditional security products often lack the kind of protection users need to defend themselves. As Web 2.0 sites increase their use of social plug-ins such as the Facebook ‘Like’ button, attackers are shifting to malicious clickjacking techniques, which are not being detected by browsers. Proactive tools like the new Zscaler Likejacking Prevention tool will provide simple yet effective protection against Likejacking and any type of clickjacking impacting Facebook widgets.”

According to Michael Sutton, VP of Security Research, “Communication mediums on the Internet have shifted and attackers have quickly adapted. Whereas spam email was once the communication medium of choice for attackers, they now leverage social networks to communicate with victims. Overall, Facebook is a more effective social engineering tool because, when exploited, the communication is coming directly from a trusted source. Unfortunately, browsers remain vulnerable to web-based attacks such as Likejacking, and mobile browsers and traditional security solutions have failed to address this threat.”

Zscaler Likejacking Prevention is freely available to everyone today and can be downloaded from http://www.zscaler.com/zscaler_likejacking.html.