PREVIOUS ARTICLENEXT ARTICLE NEWS
Facebook experiences Clickjacking issuesBy Tom Manners 17 June 2010 | Categories: news
With clickjacking worms becoming an increasing problem on Facebook, a study recently conducted by Sophos has revealed that 95% of respondents do not believe that Facebook is doing enough to stop them.
The attacks, dubbed 'likejacking' by Sophos, exploit the 'Like' button facility by automatically updating a user's Facebook page to say that they 'like' a third-party webpage. This is shared with the user’s friends through their newsfeed which helps the attacks to spread across the social network.
"Although the attacks are yet to deliver malicious payloads, they demonstrate an exploitable weakness in the way that Facebook works, putting users at potential risk from further malware or phishing attacks," says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.
He adds that Facebook hasn't been security-conscious enough in the implementation of its social 'like' plugin, leaving the system open to abuse by spammers and scammers and exposing users to the risk of outside threats.
"One solution would be for Facebook to implement ways for members to make a more conscious decision as to whether they want to 'Like' third party content or not. By having a pop-up box asking whether users are sure they want to 'Like' a particular page, or offering the option to disable the third-party 'Like' feature entirely, the spread of these attacks would be much easier to control," says Myroff.
"Facebook needs to set up a proper early-warning system to alert users about breaking threats. The only place where Facebook users can read about the latest attacks is on the pages run by security vendors on Facebook, rather than the social network's own security pages."
Facebook is now the largest and most active social network in the world, boasting over 400 million users.
Most Read Articles
Have Your Say
What new tech or developments are you most anticipating this year?
New smartphone announcements (10 votes)Technological breakthroughs (13 votes)Launch of new consoles, or notebooks (9 votes)Innovative Artificial Intelligence solutions (8 votes)Biotechnology or medical advancements (15 votes)Better business applications (6 votes)