facebook: you got jacked!

I haven’t weighed in on the Facebook privacy kerfuffle because I figure most of my friends are smart enough to control their settings, remove their information, delete their accounts outright… or just didn’t care because Facebook is so cool! I haven’t deleted my account because it lets me publicize my blog a little bit more for those people that check Facebook multiple times a day, but might have a whole lot of unread stories in their chosen RSS reader. Even so, one of my biggest issues about the privacy thing was that Facebook was relying on people to have no idea what was going on and to not pay attention. Which brings me to the subject of clickjacking…

Or possibly like-jacking as it’s now being called. I have been getting “event invites” from numerous friends and acquaintances to get a free: iPad, iPod, HTC and whatever other gadget is hot right now, hot being the operative word. Their descriptions all follow a similar pattern, “This site is glitched and is giving away free _____. I don’t know how long it will last!” with the link leading to an affiliate marketing site. Often it just asks for your zip code or to answer a quiz and then it wants personal information like cell phone number or address. It’s similar to the “complete 3 offers and get a free gift card” sites/scams back in the day.*

One morning, I nearly had a spit take on my monitor as I saw the following on a friend’s feed:

Hilarious, yes, but I’m pretty sure they wouldn’t want anyone but perhaps their very closest friends to see such a thing, even if they had done it by choice–which they didn’t. In short, another site can put a transparent frame over the page you’ve clicked to. Once there, no matter where you click, you’ve “liked” something or sent a spam invite to all of your friends. They see it on your feed, they click it, and the cycle continues. Unfortunately, this like-jacking tends towards the more pornographic and gruesomely funny descriptions, so you also end up thinking a bit less–or more if that’s your bag–of the friends who’ve fallen victim to it.

Now I don’t expect everyone using Facebook to become an internet security expert, but every now and then you should click on your own profile, just to see what your feed looks like to others. If you see that you’ve been inviting people to events or liking things without your permission, it’s likely you’ve been ‘jacked–not necessarily hacked.

Facebook is trying hard to set itself up as “Internet for Dummies” and they’re succeeding. But like the many networks before them, AOL, MySpace, etc., any network that wants to be your single-point gateway to the internet is going to be the first place scam artists attack. User-policing is ineffective because the spammers are using applications and ‘bots to proliferate their scams and Facebook has shown very little interest in getting involved in a down & dirty clean up of their site. Safety is boring after all, and the internet is supposed to be fun! 🙄

Not that I don’t like free stuff, but tell ya what… if that site really is glitching and giving away free whatevers? Go ahead and pick up an extra one for yourself and send it to me, save me the trouble of clicking through and thinking you’re either a spammer or a moron. However, to make my site a little safer, I’m going to remove the “Like” button that appears in each post. It didn’t get clicked much anyway, but until Facebook straightens out their anti-spam stuff, I’d much rather my site be safe than sorry.