Facebook’s zero tolerance policy against those it believes are abusing its network has seen it file a lawsuit against a company it accuses of using a ‘clickjacking’ scam to trick users into divulging personal information.
Along with the US State of Washington, the company said it would pursue the Delaware-based marketing outfit, Adscend Media, said to have earned up to $1.2 million (£763,000) per month by luring users to marketing and click-harvesting sites after hijacking the service’s ‘like’ button.
According to the lawsuits, the con was to get users to visit Facebook pages that promised pornographic or other content which they were then encouraged to interact with in order to click hidden ‘like’ buttons.
As well as being asked to enter personal data in order to view the non-existent content, the ‘likejacking’ had the effect of making the scam site appear to be endorsed by users to their Facebook contacts, and so the clickjacking rippled outwards to new potential victims.
“Facebook’s security professionals have made tremendous strides against this particular form of attack and we are intent on eradicating it completely,” said Craig Clark, Facebook’s lead litigation counsel.
“We will continue to use all tools at our disposal to ensure that scammers do not profit from misusing Facebook’s services,” he said.
Assuming the charges against Adscend are proven, the whole affair is a fascinating echo of an older, now mostly forgotten battle against a wave of adware apps that hit the Internet around 2005.
The most infamous example was 180solutions (later Zango), was was accused of installing a useless toolbar app without user consent as a way of bombarding them with a stream of pop-up ads.
Zango fought back against its many detractors, even suing antivirus companies that tried to label its products as spyware, but this tactic only made matters worse. After a $3 million FTC fine for deceptive practices, the company disappeared for good in 2009.
Adware is now history in app form; the scams have moved into the browser and use the suggestive environment of social networks to promote similar-sounding scams.
The latest case comes only days after Facebook distributed the name of a Russian it believes was behind the Koobface worm that attacked a number of social media sites including Facebook between 2008 and 2010.
Where once Facebook seemed almost oblivious to the troubling scams happening within its network, recent events appear to mark a new security posture from the company. Not before time.