Vanessa here from AllClear ID.  First there was “clickjacking” for Facebook users to be concerned about. Now a new term enters the identity-theft dictionary: likejacking.  This new scam takes control of your Facebook account through hidden “Like” buttons.

Facebook and the state of Washington are suing an online-advertising company named Adscend, saying it and its affiliates send messages to Facebook users that appear to be from a friend. These bogus posts contain a link to provocative content, such as “Cannot BELIEVE a 2 year old is doing THIS,” or “{Video} OMG! See what happened to his Ex Girlfriend!”

If you click on one, and you’re asked to “Like” the page or click a box to continue. Click again, and you’ve “liked” the spammer’s Facebook page.  Or, the video you want to see is blocked by a message box that looks like it’s from Facebook (it’s not) that says an “Age Verification” or “Security Check” is required. In either case, you need to complete a short “survey” to unlock the video. The survey page has links to websites that pay Adscend per click.

The advertisement for the bait page is posted to your Facebook wall or timeline, and is published in the news feed to all of your Facebook friends, who become victims of the spam as well.

Facebook says Adscend earns more than $20 million a year through aiding and abetting the scam artists.  Adscend denies the charges, saying they’re absolutely false.

This new “likejacking” scam just underlines the dangers of clicking on a hyperlink in an email – and now on your Facebook page. Be on guard. If it doesn’t look like something your friend would post,  trust your instincts and check with them before you click.

If you get sucked into a likejacking scheme, and you’re being led through a series of screens, assume it’s a scam – stop and back out before you give personal information or buy anything.

If you find one of these booby-trapped posts on your wall, delete it and notify Facebook. They have people who work around the clock to stop illegal spam.