The issue was raised in a blog post by security software provider Websense. The viral exploit currently appears to be infecting one user every second.
The “clickjacking” scam adds fake posts on users’ news feeds, encouraging them to click on infected links with the lure of hot news items and disaster footage. Most recently we’ve seen similar news-related Facebook scams using the Casey Anthony trial as bait and even adding in Facebook Chat as an additional lure.
Social networking, by its very nature, is viral and makes large networking sites like Facebook a hotbed for malicious scammers. AVG reported last fall that of the nearly 20,000 malicious pages on the top social networking sites, more than half were on Facebook, and the majority of the rest were on video-sharing site YouTube.
Videos are particularly effective for scammers, Websense says, but even breaking news stories within search results can be unsafe. Searches for current news pose an even higher risk than searching for pornography or other objectionable content on the web.