Have you heard of clickjacking? You are about to learn all about it, and its a lot like it sounds. Someone taking control of your internet vehicle and driving it somewhere you wouldnt want to go. Its one of the most common ways that your facebook account can get hacked. But how does it work?

Clickjackers on Facebook trick its users into copying and pasteing text into their browser bar.You may have seen this in action many times and not known it, its usually accompanied by a sensational post, often relating to a large news story. Or by offering goods or services that seem almost too good to be true. For example you have probably seen variations of people sharing posts that say something to the effect of "(insert rich celebrity name) is giving 1,000 people 1,000 dollars to raise awareness about autism, thats $1,000,000,000! All you have to do is visit his charity page that this link" 

Thats a broad example but you have probably seen friends getting sucked into various false claims and scams. Once you visit that website, or malicious link, hackers embed a line of programming code on your computer that can run virus or malware. Here is an interesting example sited from wikipedia.

A user might receive an email with a link to a video about a news item, but another valid page, say a product page on, can be "hidden" on top or underneath the "PLAY" button of the news video. The user tries to "play" the video but actually "buys" the product from Amazon.

Other known exploits include:

Tricking users into enabling their webcam and microphone through Flash
Tricking users into making their social networking profile information public
Making users follow someone on Twitter[8]
Sharing links on Facebook[9][10]


Once a clickjacker has control of your account, they can spam your friends and further spread their scam, which is very common on facebook. 


So how do you avoid it? There are features for web browsers that you can instal that will help you avoid some clickjacking scams but as always the most important thing you can do is cautious, and suspicious of over the top claims and posts.

If something sounds too good to be true, it probably is.