A new report from Symantec suggests that nearly 15% of all the videos posted on Facebook are attempts at "lifejacking," a derivation of clickjacking where malicious programs take over a user's Facebook profile.
ZDNet reports that Symantec conducted its research through its Norton Safe Web application that scans users news feed in Facebook. Lifejacking is perhaps one of the most annoying and painful ways to be hacked on Facebook. It allows the hacker to take control of the profile, spread viral messages and perhaps download viruses and Trojans to a user's computer.
Symantec is among many companies that have come out with a Facebook security app. Facebook partner Web Of Trust has an add-on where users can tag malicious links and security company Bitdefender has a similar product to Norton called Safego that scans user news feeds.
Lifejacking is nothing new on Facebook. It started to rise shortly after the release of the "Like" button. Often times it is associated with a link to an outrageous story or a video that is probably too good to be true. We noted in June 2010 that some status messages look like, "LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE." Not much has changed since then, as lifejacking has taken on the characteristics of any other type of spam and phishing attempts. Video lifejacking is often done by an iFrame overlay that brings a user to a site they were not expecting, hence taking control of Facebook login credentials and potentially performing "drive-by" downloads of malicious programs.
According to Bitdefender's research from several months ago, 23% of Facebook users know a friend who has been infected with spam on the platform.
While we have no reason to doubt Symantec's report, we have contacted Bitdefender to see if they have any additional information of LIfejacking stats. Bitdefender is one of the only other security companies that has an app that actively scans Facebook users' news feeds for spam and phishing links. We will update this post when/if we here back from the company.
Bitdefender Weighs In On Lifejacking
[Update - Sept. 6 - 8:15 PDT]
Catalin Cosoi, the head of the online threats lab at Bitdefender, got back to us on what they see with lifejacking trends on Facebook. From his email:
It is quite difficult to estimate a precise percent of threats that spread through [lifejacking], since Facebook Graph Api doesn't count external likes.However, if we count only inside-the-service-likes, 15% looks like a pretty accurate estimate. If we were to include also external likes, based on our experience, we can estimate that up to 40% of the total amount of scams are spread through [lifejacking].
Also, we can estimate their efficiency based on the statistics offered by shortening services that have public stats.
For instance, a case study we did in March on a specific "See who viewed your profle" scam showed that the scam spread through approximately 287 unique URLs per wave. These unique URLs led to 14 unique Facebook applications on average.
Based on the data provided the the different shortening services they used, these URLs gathered 1,411,743 clicks and the distribution spike per URL was 34 hours. Also, not all shortening services offer these statistics, so the efficiency is definitely higher.
Edited to note "lifejacking" instead of "likejacking" in Cosoi's email.
Discuss