June 29, 2010 10:53 AM

I sometimes see sketchy links that automatically post that you "like" them on Facebook when you click on them. How harmful are they, exactly? What can I do to prevent them from showing up?

I've only noticed this within the past few months, around the time when Facebook started putting like buttons on damn near everything.

It goes like this: there will be a post in my news feed about how one of my friends likes something, usually with a title like "You Won't Believe This Funny Blooper LOL" or something similarly dumb and attention-grabbing. If I click on it, it'll take me to a really crappy website with crappy ads, and I'll usually be prompted to Click For More!, and it's usually not until I've clicked that I realize, "wait, this is really sketchy." By that time, there's a post on Facebook that I like the sketchy link, and anyone else who clicks on it auto-likes it too.

I delete and report them as soon as I come across them, and I avoid clicking external links that anyone "likes." Just recently, though, a friend IMed me a link that went to one of these sites, not realizing it was a trap. We figured it out pretty quickly, but the spammage was done. (I wasn't on Facebook at the time, but I hadn't signed out.)

What the heck are these? What do they do? Can they get my account information from this? I've looked through recent news and Facebook's FAQ but found nothing. If anyone can provide an explanation, I'd be grateful.
posted by Metroid Baby to Computers & Internet

The one that very nearly caught me looked like it loaded an IFRAME tag that looked to Facebook just like the request it would get if you clicked like. There may have been some JavaScript it used to accomplish making this request, and it also looked like I would have needed to click a second link to screw up the request. It may be as simple as putting a different image on top of a Facebook-provided 'Like' button.
posted by mkb at 11:03 AM on June 29, 2010
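
The mechanism guessed at in the answer above (a framed Like button that the visitor cannot see, or that sits under something else) can be checked for on a page. This is an added example, not part of the original thread. It is a heuristic, and the widget URL pattern, thresholds, function names and sample descriptors are all assumptions:

```javascript
// Added example: flag framed Facebook "Like" buttons a visitor cannot see.
// Assumption: the widget is served from facebook.com/plugins/like.php.
const LIKE_PLUGIN = /^https?:\/\/(www\.)?facebook\.com\/plugins\/like\.php/i;

// Opacity multiplies down the tree: an opaque frame inside a transparent
// wrapper is still invisible.
const effectiveOpacity = (chain) => chain.reduce((acc, o) => acc * o, 1);

const overlaps = (a, b) =>
  a.left < b.right && b.left < a.right && a.top < b.bottom && b.top < a.bottom;

// frames: [{src, rect, opacityChain}]. passThrough: [{tag, rect}], elements with
// pointer-events:none, which let a click reach whatever lies beneath them.
function auditFrames(frames, passThrough = []) {
  const findings = [];
  for (const f of frames) {
    if (!LIKE_PLUGIN.test(f.src)) continue;
    const reasons = [];
    if (effectiveOpacity(f.opacityChain) < 0.1) reasons.push("near-transparent");
    for (const el of passThrough) {
      if (overlaps(f.rect, el.rect)) reasons.push(`under click-through <${el.tag}>`);
    }
    if (reasons.length) findings.push({ src: f.src, reasons });
  }
  return findings;
}

// Browser-only glue (not run under Node): describe the live page, then audit it.
function auditDocument(doc, win) {
  const frames = [...doc.querySelectorAll("iframe")].map((fr) => {
    const opacityChain = [];
    for (let el = fr; el; el = el.parentElement) {
      opacityChain.push(parseFloat(win.getComputedStyle(el).opacity));
    }
    return { src: fr.src, rect: fr.getBoundingClientRect(), opacityChain };
  });
  const passThrough = [...doc.querySelectorAll("body *")]
    .filter((el) => win.getComputedStyle(el).pointerEvents === "none")
    .map((el) => ({ tag: el.tagName.toLowerCase(), rect: el.getBoundingClientRect() }));
  return auditFrames(frames, passThrough);
}

// Constructed sample descriptors (example.com URLs are placeholders).
const SAMPLE_FRAMES = [
  { src: "https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fexample.com%2Fa",
    rect: { left: 0, top: 0, right: 90, bottom: 25 }, opacityChain: [1, 1] },
  { src: "https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fexample.com%2Fb",
    rect: { left: 200, top: 300, right: 290, bottom: 325 }, opacityChain: [1, 0, 1] },
];
const SAMPLE_OVERLAYS = [{ tag: "img", rect: { left: 0, top: 0, right: 120, bottom: 60 } }];
```

In a browser console, `auditDocument(document, window)` returns the same kind of findings for the page being viewed. An empty result only means these two checks found nothing.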

Best answer: As of May 31, this sort of "clickjacking" worm was benign, except for the obnoxious "liking" that spread, and the same story was being carried as recently as June 15th, possibly because of a recent outbreak of a "check these hot women out" ad.

The Sophos Blog lists steps to fix the issue:
1) Remove the page from your “Likes and interests” section.

* Click “Edit My Profile”, then “show other pages”, and then “Remove Page” … or
* Click “Account” in the top right corner, then “Edit friends”, select the “Pages” list, and click the X next to the page

2) Delete the page from your newsfeed - it will probably be in the “Recent Activity” section, but you may need to scroll down a bit to find it.

More: safety tips, and how to "harden" your browser. Option 1: disable everything. Option 2: Firefox + NoScript
posted by filthy light thief at 11:10 AM on June 29, 2010

Response by poster: Aha, thank you! I hadn't been able to find anything about clickjacking for some reason. Good to know it's not too harmful, but I'll be installing NoScript anyway.
posted by Metroid Baby at 11:45 AM on June 29, 2010

