The Problem of "Likejacking"

While searching information about Facebook, I came across this interesting term: Likejacking. It’s combined from like + clickjacking. And because I was curious what clickjacking was, I post a definition:

“Clickjacking, also known as a "UI redress attack", is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the the top level page. Thus, the attacker is "hijacking" clicks meant for their page and routing them to other another page, most likely owned by another application, domain, or both.” (By OWASP)

As I understand Likejacking, it works like this: With the help of programming techniques the Like button is invisible and positioned over another element on the page, and when you are clicking to the desired content you unwillingly “like” the site and via Facebook share it with your friends through News Feeds and your Wall.

Or as Sarah Perez (2010) puts it:
“Security researchers are warning of the newest Facebook threat, something they're calling "likejacking," a Facebook-enabled clickjacking attack that tricks users into clicking links that mark the clicked site as one of your Facebook "likes." These likes then show up on your profile and, of course, in your Facebook News Feed where your friends can see the link and click it, allowing the vicious, viral cycle to continue.”

She also warns from the malicious software embedded in the site:
“After clicking through on a link, victims don't get to see the promised content, but rather a blank page reading "click here to continue." This page contains the clickjacking worm (Troj/Iframe-ET) embedded via an invisible link. Click anywhere on the page and the message is posted to your profile and News Feed, allowing the worm to further its spread.” (Perez, 2010)

The lures that are used to trick the unknowing internet user are different: From entertaing topics such as:
"LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE."
"This man takes a picture of himself EVERYDAY for 8 YEARS!!"
"The Prom Dress That Got This Girl Suspended From School."
(by Perez)


(by Jackson)

to tragic events like the Indonesian Tsunami in 2004, the death of Michael Jackson and recent events in Japan.

The problem of likejacking is, that Facebook offers it a tremendous opportunity to spread fast. Jackson (2011) puts it like this:
“Scams like this used to be called clickjacking, but Facebook has made it a lot easier for these little tricks to go viral, spreading to hundreds of thousands of users within a matter of minutes. Because the site, which now has more than 600 million active users, has changed the game for scammers by providing such scale, the term has been modified to Likejacking when it applies to Facebook.”

The other problem is the abuse of personal information stored on Facebook or unaware of the threat submitted to the scammer/“hijacker” via a survey, one is asked to fulfil in order to look at the promised content (Jackson, Halsey).

What you can do about it is quite simple: Once you realise you have been scammed, you should delete the like and the News Feed from your Facebook profile and possibly apologise to friends. And as Jackson advises if you have your phone number posted on Facebook you should keep an eye on your bill, just in case.

If we avoid the ethical question of abusing tragic events for such scams and rather focus on the question of privacy and personal data abuse, one can experience through malicious software on the internet, we can conclude that there is not enough emphasis put on the dangers one can undergo through innocent social community sites like Facebook.

People are constantly instructed not to talk to strangers, to check the ATMS before they use them, not to give their personal data or even credit card data via phone and lock the doors and possibly bolt them as well.
But then in the secure environment of our living rooms we open a window to the scammers that await us on the internet.

I don't want to sound paranoid so maybe it would be best to stop right now. I'm not aware of any school programmes that would instruct minors what information they should share with their friends online. And obviously no one is troubled by the fact, that even though Facebook demands that their users are at least 13 years old, many children lie about their age, just to be a part of the “society”.
What are your thoughts on the matter?

Sources:
OWASP (2011) “Clickjacking”
at: http://www.owasp.org/index.php/Clickjacking
Jackson, Nicholas (14.3.2011) “FouTube and Other Viral Likejacking Facebook Scams”
at: http://www.theatlantic.com/technology/archive/2011/03/foutube-and-other-viral-likejacking-facebook-scams/72426/
Perez, Sarah (1.6.2010) “Likejacking” Takes Off on Facebook.
at: http://www.readwriteweb.com/archives/likejacking_takes_off_on_facebook.php
Constantin, Lucian (14.3.2011) Facebook Likejacking Scams Lure Users with Japanese Tsunami Videos
at: http://news.softpedia.com/news/Facebook-Likejacking-Scams-Lure-Users-with-Japanese-Tsunami-Video-189204.shtml
Halsey, Mike (2011) Facebook users become the latest vistims of the Japanese Tsunami
at: http://www.ghacks.net/2011/03/14/facebook-users-become-the-latest-victims-of-the-japanese-tsunami/

Japan earthquake – the use of earthquake and tsunami early warning system

Friday was devastating for Japan. The earthquake alone was powerful (8.9), but the 10m high tsunamis swept everything away. In the light of recent events, I decided to look into the Japanese earthquake early warning system. The JMA (Japan Meteorological Agency) launched the earthquake early warning system in 2007. After a P wave of an earthquake is sensed by a sesmograph the information about the location and strength of the earthquake is distributed through mass and addressable notification media within seconds. This system enables people to take precausionary action before first earthquake waves reach them. It still maybe only seconds and there are still limitations with the system as data is gathered and processed within seconds, but nevertheless it helps save lives.
As tsunamis are an even bigger threat to islands and coastal regions all around the Pacific, also JMA launched a tsunami early warning system, which functions in nearly similar to the earthquake warning system. The system was further developed after the Christmas tsunami disaster in 2004. Now the system helps alarm people all around the Pacific coast. Having had actual experiences with earthquakes in Japan, I know how to appreciate such information systems. I remember my first bigger earthquake in my 1 year stay in the land of the rising sun. It wasn’t a severely strong earthquake (5) and I didn’t realise it was an earthquake at first. I assumed the wind was blowing so hard, that my room swung like a tree house. (However it isn’t usual for a whole 4 floor building to swing like a tree house, is it?) After receiving a phone call from my Slovene friend half in panic instructing me to open the iron door of my room before they get stuck and to turn on the TV for further information, I realised that maybe we are having something more than ordinary wind. In the same moment as I turned on the TV, the first images from public transport surveillance cameras were showing the epicentre, the caused damage and tsunami alerts. That really is a fast information flow. Obviously it would be even better to fully avoid human casualties with a system that would enable earthquake and tsunami information even earlier, but I sincerely doubt if that is possible due to the nature of the disasters.

To tweet or not to tweet...

I've just read a newspaper article in Nedelo (yes, on paper :P ) about the 5th anniversary of Twitter “The Power of 140 signs”. Although I registered myself as a member of this new tool of communication, I've only contributed one line and also visited the site once.
The problem with Twitter for me is in its necessity to be active and online all the time. And I'm more one of those people who sometimes don't miss a computer screen for days.
Also the possibility of tweeting from a cell or as they call it nowadays the smart phone is not really that appealing for me: First, I haven't come to terms with my new phone yet – it is defying my mental supremacy and secondly, and I think this is at least of some importanece, I don't know what to tweet about.
The line that was chiselled in my brain from the article is: “Remember: Whatever you tweet can and will be used against you.” (by Žiga Turk)
It is surprising therefore, that so many Slovene politicians have chosen tweeting to be one of their ways of communication. I remember the “scandal” some time ago with our Minister of Justice, who made a public announcement on Tweeter instead of as expected and due to protocol send it via a traditional letter. The problem was the "revealing" of information not ment to be public.
Twitter is certainly a medium one should keep an eye on and if I want to master some new marketing approaches, then following the “new” would be a good start.

Digital World

After graduating from Faculty of Arts at Ljubljana University I decided to take up a masters course Strategic Marketing Communication at Faculty of Social Sciences. With a degree in languages (German and Japanese) I soon realised that the employment market demands additional skills (however helpful knowledge of languages may be), possibly connected with economics, management or marketing.
I chose the class New Media & Society, because I need to gather more knowledge about our »digital world« which is becoming more and more influential in everything we do. The internet and the endless possibilities it offers, changed our way of life and obviously also the rules of marketing. Basically one cannot imagine a company that would lack its own internet page or even internet store.
Personally, I'm not a computer addict or even a fan and still make a great use of a simple paper and pen. I have no real experiences in blogging, tweetting or facebooking, although I have my own accounts on each of the mentioned sites.
A topic that I would find interesting for further examination is the impact and influence the new media have on society, specially with recent political events in mind, the wiki leaks scandals and the Egyptian revolution (supposedly trigged by a facebook group). However I haven't thought of a specific topic or a research question yet.