Facebook is being hit by another viral message, spreading between users’ walls disguised as a link to a saucy video.
The messages, which are spreading rapidly, use a variety of different links but all claim to be a movie of a dad catching his daughters making a video on their webcam:
I spotted a post today on Facebook which looked rather suspicious. The link was titled “EMBARRASSING: Father caught daughter on WEBCAM!!!” and was obviously designed to lure people into clicking on the link. It went to the URL qok7.info which claimed to have a YouTube security verification notice (a CAPTCHA) you had to fill in before viewing the video. (While writing this post I have checked again and found that Facebook has blocked the URL and it has now stopped redirecting to the other website.)
In fact, it’s a clickjacking exploit that contains a hidden form which submits a public comment on your Facebook account with a link back to this site. I first came across clickjacking exploits; it’s a cunning method of hiding a real form within an iframe behind something like an image that usually has something clickable on it. In this case it has a fake CAPTCHA form whose fake form elements are lined up to submit the real Facebook status update form hidden in the iframe.
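The hidden-iframe trick only works when the browser agrees to render the real page inside another site's frame. As an added example (not from the original post), this JavaScript checks whether a response's `X-Frame-Options` and Content-Security-Policy `frame-ancestors` headers would let a given origin frame the page; the function names are hypothetical.

```javascript
// Added example. Simplified: ports and multiple CSP headers are not handled.
function frameAncestors(csp) {
  // Source list of the frame-ancestors directive, or null when absent.
  for (const directive of (csp || '').split(';')) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === 'frame-ancestors') return sources;
  }
  return null;
}

function sourceMatches(source, framer, self) {
  const s = source.toLowerCase();
  if (s === "'none'") return false;
  if (s === "'self'") return framer.origin === self.origin;
  if (s === '*') return true;
  if (/^[a-z][a-z0-9+.-]*:$/.test(s)) return framer.protocol === s; // e.g. https:
  const m = s.match(/^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*\.)?([a-z0-9.-]+)(?::[\d*]+)?$/);
  if (!m) return false; // unparseable source matches nothing
  const [, scheme, wildcard, host] = m;
  const schemeOk = scheme
    ? framer.protocol === scheme + ':'
    : framer.protocol === 'https:' || framer.protocol === self.protocol;
  const hostOk = wildcard
    ? framer.hostname.endsWith('.' + host) // *.a.example does not match a.example
    : framer.hostname === host;
  return schemeOk && hostOk;
}

// headers: object with lower-cased header names, as Node's http module provides.
function canBeFramed(headers, pageUrl, framerUrl) {
  const self = new URL(pageUrl);
  const framer = new URL(framerUrl);
  const sources = frameAncestors(headers['content-security-policy']);
  if (sources !== null) {
    // frame-ancestors overrides X-Frame-Options when both are sent.
    return sources.some((src) => sourceMatches(src, framer, self));
  }
  const xfo = (headers['x-frame-options'] || '').trim().toLowerCase();
  if (xfo === 'deny') return false;
  if (xfo === 'sameorigin') return framer.origin === self.origin;
  // Header absent, or ALLOW-FROM, which current browsers ignore: framing allowed.
  return true;
}
```

A page that sends neither header can be framed by any site, which is the condition this kind of scam depends on.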
This exploit may be related to the daughter on webcam issue reported by Sophos or this might just be an example of very successful keywords used by scammers.
I see it’s been reported on Facebook’s security pages. I know it is something Facebook can technically fix, and I would hope they can ban links from this website to avoid users inadvertently spreading this exploit.
So if you’re a Facebook user, don’t go clicking on links about daughters on webcams. Or any suspicious links, for that matter. Many times it happens that you also spread this kind of exploit by sharing it on Facebook. Always check URLs, and if something looks suspicious, get out of there!









