Why you should avoid the 101 hottest women on Facebook


Facebook users have been making a lot of use of the new 'like' feature, which allows users to link to webpages that they, well, like, funnily enough. It's not so funny when Facebook users are claiming to like a site called "101 Hottest Women in the World", which features an image of Jessica Alba. But don't be seduced...

Not that I've got anything against the Hollywood actress and sex symbol, but I do have a dislike for clickjacking (or Likejacking if you prefer), and that's what is happening here. According to security experts at Sophos, as soon as anyone who is logged into Facebook clicks the like link and arrives at the destination, a single click anywhere on the page will update that user's Facebook profile without permission, adding another 'like' recommendation and so virally spreading the attack to an ever broader audience of unsuspecting fans of hot women.

It accomplishes this by keeping an invisible button (inside a hidden iframe) underneath your mouse pointer, which captures any click and redirects it to the 'like' button. Of course, this is just the latest of several clickjacking attacks in recent weeks. We've already seen similar scams using sites with link titles such as "This man takes a picture of himself EVERYDAY for 8 YEARS" and "This Girl Has An Interesting Way Of Eating A Banana", which are designed to attract curious users within a social network. The growth in these attacks is starting to get worrying. At the moment the technique is being exploited to make money via page views, but undoubtedly it won't be long until a more malicious payload is unleashed.
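As an added example (not part of the original article or of Sophos's analysis), the sketch below shows how a defender might statically flag the pattern described above: a Facebook Like plugin frame made transparent by its own or an ancestor's inline style. The 0.1 opacity threshold, the helper names and the sample markup are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

VOID = {"img", "br", "hr", "input", "meta", "link"}  # tags that never get an end tag

def is_transparent(style):
    """True if an inline style leaves the element clickable but effectively invisible."""
    m = re.search(r"(?<![\w-])opacity\s*:\s*([0-9]*\.?[0-9]+)", (style or "").lower())
    return bool(m and float(m.group(1)) < 0.1)  # 0.1 is an assumed threshold

def is_like_widget(src):
    """True if the frame loads Facebook's Like button plugin."""
    u = urlparse(src or "")
    host = (u.hostname or "").lower()
    on_facebook = host == "facebook.com" or host.endswith(".facebook.com")
    return on_facebook and u.path.startswith("/plugins/like")

class LikejackScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []     # (tag, transparent?) for every open ancestor
        self.findings = []  # src of each invisible Like frame

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        hidden = is_transparent(a.get("style")) or bool(self.stack and self.stack[-1][1])
        if tag == "iframe" and hidden and is_like_widget(a.get("src")):
            self.findings.append(a["src"])
        if tag not in VOID:
            self.stack.append((tag, hidden))  # children inherit the hidden state

    def handle_endtag(self, tag):
        for i in reversed(range(len(self.stack))):  # pop back to the matching open tag
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def scan(html):
    p = LikejackScanner()
    p.feed(html)
    p.close()
    return p.findings

# Constructed sample markup, not captured from any real site.
SUSPECT = ('<div style="position:absolute; opacity:0"><iframe src="https://www.facebook.com'
           '/plugins/like.php?href=https%3A%2F%2Fexample.test%2F"></iframe></div>')
BENIGN = ('<p><iframe style="opacity:1" src="https://www.facebook.com'
          '/plugins/like.php?href=https%3A%2F%2Fexample.test%2F"></iframe></p>')
```

The check only sees inline styles in static HTML; frames hidden through stylesheet classes or script need the same test applied to computed styles in a rendered page.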

The whole 'like' clickjacking concept could even be seen as yet another nail in the coffin of Facebook; it's certainly doing nothing to fill me with confidence about security on the network, that's for sure.

About the Author

A freelance technology journalist for 30 years, I have been a Contributing Editor at PC Pro (one of the best selling computer magazines in the UK) for most of them. As well as currently contributing to Forbes.com, The Times and Sunday Times via Raconteur Special Reports, SC Magazine UK, Digital Health, IT Pro and Infosecurity Magazine, I am also something of a prolific author. My last book, Being Virtual: Who You Really are Online, was published in 2008 as part of the Science Museum TechKnow Series by John Wiley & Sons. I am also the only three times winner (2006, 2008, 2010) of the BT Information Security Journalist of the Year title, and was humbled to be presented with the ‘Enigma Award’ for a ‘lifetime contribution to information security journalism’ in 2011 despite my life being far from over...

Alex_ 0 Junior Poster

Keep an eye out for WePad. It will be Linux-based.

InsightsDigital 57 Posting Virtuoso

Thanks for bringing this up. It's sad but true that the whole intention of businesses to join Facebook is to grow - either with the intention of the user or not - their business. This is another example of why Facebook may shun additional users.

Alex_ 0 Junior Poster

Oops, I posted in the wrong thread.

Netcode 33 Veteran Poster

I really don't see anything wrong with Facebook yet.

mystryworld 0 Light Poster

Thanks for sharing the issue here. I haven't had any idea about that. This is one of the examples of badly using social networking like Facebook!

data-struction 0 Light Poster

Yes, thank you for sharing this article as well.

stellaandreapar -6 Newbie Poster

Any social networking site has a flaw too. Thanks for sharing this.

rocco88 -5 Junior Poster

Great post! I completely agree.
