Clickjacking spreads 'Twilight' scam on Facebook: Sophos

by CXOtoday Staff    Apr 12, 2011

spamIT security and data protection firm, Sophos, is urging Facebook users to be cautious following the discovery of a rapidly spreading scam targeted at fans of the popular ‘Twilight‘ teen vampire romance movies.

Scammers are pretending to be linking to a game promoting the upcoming movie “Twilight Breaking Dawn” starring heart throbs Ed Cullen and Kristen Stewart. However, by clicking on a “Play Now” link, users are clickjacked into announcing that they “Like” the link, thus spreading it virally across Facebook.

“The only problem being that this isn’t a legitimate application request, but is being done by a rogue app which wants to make money out of your devotion to the works of Stephenie Meyer’s series of novels. Predictably, having gained the ability to post to your Facebook account, the scammers then present the final piece of the jigsaw: an online survey which earns them affiliate commission for each person who completes the questionnaire,”Graham Cluley, Sr. technology consultant, Sophos.

The scam continues with users then being presented with a dialog box, asking them to grant permission for a third party application to access their Facebook account and post messages, updates and photos to their wall.

If Facebook users have been affected by this scam, they should clean up their account before any further damage is done, advised the research firm.