
Facebook hit by 'likejacking' as worms scam the 'like' button

Facebook's controversial 'like' button has given rise to yet another new type of Internet fraud: 'likejacking'

Facebook's 'like' button has given rise to yet another type of Internet fraud. Malicious spammers are using the like button to entice Facebookers into firing up a clickjacking worm, in what has become known as 'likejacking'.

Clicking a dodgy, but innocent-looking, link takes you to a page asking you to click to continue. But you'll actually click the Troj/Iframe-ET virus -- effectively a hidden 'like' button -- wherever you click on the page. As you happily browse the pictures of assorted Hollywood lovelies, you'll be unaware that the spam is now stinking up your feed like ordure in the hors d'oeuvres, ready for your gullible mates to click, and spread the infection yet again.
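As an added illustration (not from the article or from Sophos), here is a static check a defender could run over saved page source to flag a Facebook 'like' widget frame that has been made transparent, which is how a hidden 'like' button can sit under a visitor's click. The widget URL pattern, the 0.1 opacity threshold and the sample pages are assumptions; styling applied from external CSS or script is not seen by this check.

```python
import re
from html.parser import HTMLParser

# Assumption: the Like widget is framed from facebook.com/plugins/like.php.
LIKE_WIDGET = re.compile(r"^(https?:)?//(www\.)?facebook\.com/plugins/like\.php", re.I)
VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input", "link", "meta", "wbr"}

def hides_content(style):
    """True if an inline style makes the element near-transparent yet still clickable."""
    for decl in (style or "").split(";"):
        name, sep, value = decl.partition(":")
        if sep and name.strip().lower() == "opacity":
            try:
                return float(value.replace("!important", "").strip()) <= 0.1
            except ValueError:
                return False
    return False

class LikeFrameScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []     # (tag, hidden?) for each open ancestor element
        self.findings = []  # (line, src) of each concealed Like frame

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        # An element is hidden if it, or any open ancestor, is transparent.
        hidden = hides_content(a.get("style")) or bool(self.stack and self.stack[-1][1])
        src = (a.get("src") or "").strip()
        if tag == "iframe" and hidden and LIKE_WIDGET.match(src):
            self.findings.append((self.getpos()[0], src))
        if tag not in VOID:
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag; stray closers are ignored.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def scan(html):
    scanner = LikeFrameScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample pages (not taken from any real site).
VISIBLE = '<p>Post</p>\n<iframe src="https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fexample.com"></iframe>'
CONCEALED = '<p>Click to continue</p>\n<div style="opacity: 0">\n<iframe src="//www.facebook.com/plugins/like.php?href=https%3A%2F%2Fexample.com"></iframe>\n</div>'
```

`scan()` returns the line number and frame URL of each concealed widget, so an ordinary visible 'like' button produces no finding.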

Virus specialists Sophos warn this is part of the CPALead advertising network, which uses a cost-per-action model. This baits victims into answering surveys or offers, generating cash for the Web site hosting the surveys and offers. By clicking on sketchy Facebook links, you're another click in the right place to earn the scammers more cash.

The latest '101 Hottest Women in the World' link, featuring Jessica Alba, is at least a little more plausible than recent enticements 'LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE' or 'This Girl Has An Interesting Way Of Eating A Banana, Check It Out!' Unless that's the sort of codswallop your friends are in the habit of posting, in which case we suggest you take a long hard look at your friendship criteria.

We're kidding, of course. Anything apparently posted by a friend comes with a built-in layer of trust, and anybody could click on a malicious link in an unguarded moment. Sophos recommends checking the recent activity on your news feed and profile, and deleting anything from your feeds and likes related to dodgy links. If you have been hit by a worm, we guess that'll learn you to click on smutty links -- stick to CNET UK's official fan page instead.