To help combat clickjacking, Facebook is adding a new feature that will spot scam-like behavior by pages on its site and ask you to confirm your “like” before automatically adding a story to your profile and your friends’ News Feeds.” So how do you as a user fight clickjacking on Facebook? It’s a really easy one-step process. When you see a post that says “to watch this kkkkrazy video, just copy and paste this URL into your browser,” — don’t do it.
If you do it, it infects your browser with a code that automatically adds “likes” to your newsfeed, spreading those likes to your friends to trick them into infecting themselves also. The attack is often paired with surveys and spam that generate cash for the people behind through through ads, lead generation and affiliate marketing.
Should you or a friend get “clickjacked” in this way, you can get rid off the offending “Likes” by hovering over the right of the post in the newsfeed and clicking on the X to “Remove and unlike” them. You can also get alerted to potential clickjacking attempts by using the NoScript add-on with Firefox.
This advice may sound obvious. But I also have a relative who insists on writing all her posts on Facebook in all caps, even after I gently told her it makes it look like she’s screaming.
Q&A: Fighting a Clickjack Attack [Gadgetwise]
Beware Of Coca Cola Facebook Scam