Scammers Turn to Affiliate Marketing Scams After Facebook Cracks Down on Clickjacking and XSS

Facebook frauders have figured out how to double their fun and are increasingly using scams to fuel affiliate marketing scams, according to a new report from Internet security firm Commtouch.

Earlier this year Clickjacking and self-XSS (users being tricked into running malicious code that would hijack their information) were a major headache for the social network. In May, Facebook introduced new security features such as additional login authentication options and Like confirmations specifically to combat the problem. Most browsers also updated to make it harder to execute XSS attacks, and as a result, scammers have turned their attention elsewhere.

According to Commtouch’s year-end Internet Threats Trend Report, 74% of Facebook attacks now lead to affiliate marketing sites. Once on the site, users are prompted to sign up to receive a fake free gift, earning the scammers affiliate bonuses for traffic and often providing them with personal data for identity theft. The rest of the scams are either hoaxes, defacement, malware attacks or Like collection with no clear purpose.

The tactics scammers most commonly employ to trick users into visiting a site, adding an app or liking something are probably familiar to anyone who spends time on the social network — users are either offered free goods, lured in with sensational headlines, called to action to see some sort of amazing video or told to install an app. Overall the most used tactic in 2011 was the “must see this” lure, accounting for 36% of all scams. Between June and December the free goods offer increased in popularity, mirroring the rise of affiliate marketing scams. More than 26% of scams now originate from an offer for free goods.

The most common vector for Facebook scams are now users themselves, with 48% spreading through Likes and shares. Clickjacking accounted for 24% of scams, rogue apps 16% and malware and self-XSS 12%.

For its part, Facebook now scans almost 2 trillion link clicks and blocks more than 220 million posts and messages with malicious links every day. The social network has greatly cracked down on fake applications, and Commtouch found Facebook has improved the speed at which new scams are detected and removed. The entire Commtouch report can be found here.

Facebook Marketing

Mediabistro Event

Facebook Marketing

Starting January 13, work with the group marketing manager of social media at Microsoft/BingAds to grow your business on Facebook! In this course, you’ll learn how to set up your company page, understand Facebook best practices, and execute a monthly content strategy. Register now!


Leave a Reply

3 Responses to “Scammers Turn to Affiliate Marketing Scams After Facebook Cracks Down on Clickjacking and XSS”

  1. Criminals Used Affiliate Marketing Sites in Majority of Facebook Scams in 2011 – eWeek – A Bidding Frenzy says:

    [...] n&#959 longer &#1112&#965&#1109t using Facebook f&#959r identity theft &#959r phishing …Scammers Turn t&#959 Connect Marketing Scams Aft&#1077r Facebook Cracks Down &#959n …Inside FacebookConnect Marketing Sites Used In Margin Of 2011 Facebook ScamsTechWeekEurope UKMargin [...]

  2. Friday Pulse: Pinterest on the Rise, GoDaddy’s SOPA Flip-Flop, Worst Customer Service Ever — Affgoo says:

    [...] These are the 1 percenters that give all the great affiliate marketers a bad rep. Scammers Turn to Affiliate Marketing Scams after Facebook Cracks Down on Clickjacking and XSS [...]

  3. New Facebook scam « KBT Computer Consulting says:

    [...] Scammers Turn to Affiliate Marketing Scams After Facebook Cracks Down on Clickjacking and XSS ( [...]

Get the latest news in your inbox
interested in advertising with inside facebook?

Social Media Jobs
of the Day

Assistant Editor

8 Inc.
New York, NY

Copywriter & Editor

Santa Monica, CA

Director of Marketing & Communications

Neumans' Kitchen
New York, NY

Social Community Manager

Tallahassee, FL

Editorial Director

Phoenix House
New York, NY

Featured Company

Join leading companies like this one and recruit from the nation's top media job seekers on the Mediabistro Job Board. Every job post comes with our satisfaction guarantee. Learn More

Our Sponsors

Mediabistro A division of Prometheus Global Media home | site map | advertising/sponsorships | careers | contact us | help courses | browse jobs | freelancers | content | member benefits | reprints & permissions terms of use | privacy policy Copyright © 2014 Mediabistro Inc. call (212) 389-2000 or email us