Home Report: Nearly 15% of Videos on Facebook Are Likejacking Attempts [Updated]

Report: Nearly 15% of Videos on Facebook Are Likejacking Attempts [Updated]

A new report from Symantec suggests that nearly 15% of all the videos posted on Facebook are attempts at “likejacking,” a derivation of clickjacking where malicious programs take over a user’s Facebook profile.

ZDNet reports that Symantec conducted its research through its Norton Safe Web application that scans users news feed in Facebook. Likejacking is perhaps one of the most annoying and painful ways to be hacked on Facebook. It allows the hacker to take control of the profile, spread viral messages and perhaps download viruses and Trojans to a user’s computer.

Symantec is among many companies that have come out with a Facebook security app. Facebook partner Web Of Trust has an add-on where users can tag malicious links and security company Bitdefender has a similar product to Norton called Safego that scans user news feeds.

Likejacking is nothing new on Facebook. It started to rise shortly after the release of the “Like” button. Often times it is associated with a link to an outrageous story or a video that is probably too good to be true. We noted in June 2010 that some status messages look like, “LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE.” Not much has changed since then, as likejacking has taken on the characteristics of any other type of spam and phishing attempts. Video likejacking is often done by an iFrame overlay that brings a user to a site they were not expecting, hence taking control of Facebook login credentials and potentially performing “drive-by” downloads of malicious programs.

According to Bitdefender’s research from several months ago, 23% of Facebook users know a friend who has been infected with spam on the platform.

While we have no reason to doubt Symantec’s report, we have contacted Bitdefender to see if they have any additional information of likejacking stats. Bitdefender is one of the only other security companies that has an app that actively scans Facebook users’ news feeds for spam and phishing links. We will update this post when/if we hear back from the company.

Bitdefender Weighs In On Likejacking

[Update – Sept. 6 – 8:15 PDT]

Catalin Cosoi, the head of the online threats lab at Bitdefender, got back to us on what they see with lifejacking trends on Facebook. From his email:

It is quite difficult to estimate a precise percent of threats that spread through likejacking, since Facebook Graph Api doesn’t count external likes.

However, if we count only inside-the-service-likes, 15% looks like a pretty accurate estimate. If we were to include also external likes, based on our experience, we can estimate that up to 40% of the total amount of scams are spread through likejacking.

Also, we can estimate their efficiency based on the statistics offered by shortening services that have public stats.

For instance, a case study we did in March on a specific “See who viewed your profle” scam showed that the scam spread through approximately 287 unique URLs per wave. These unique URLs led to 14 unique Facebook applications on average.

Based on the data provided the the different shortening services they used, these URLs gathered 1,411,743 clicks and the distribution spike per URL was 34 hours. Also, not all shortening services offer these statistics, so the efficiency is definitely higher.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.