Just like any business, the people who create PC viruses need to constantly innovate in order to stay competitive. Recently, virus creators and malware designers have turned to scams called clickjacking and keyjacking in order to trick users into download malware onto their computers.
Today, I’m going to teach you how to be a smart PC user and avoid these scams. Keep in mind that these viruses can steal your identity and watch you work at your computer over your webcam, so it’s important to remove them as soon as possible.
Clickjacking isn’t as new as keyjacking, although most PC users aren’t really aware of it. With clickjacking, a malicious website tricks users into clicking on something that they really shouldn’t be clicking on.
The most basic type of clickjacking scam is placing a Facebook like button below a funny picture or quote. When users try to click the ‘like’ button, they actually click on something behind the button due to a clever UI overlay trick.
So, instead of liking a funny picture on Facebook, you might accidentally click the download button for a malicious program. Or, in the example below, users are told to click on two colors to “prove they’re human”. In reality, clicking on the first color will ‘like’ the picture while the second color will ‘share’ the picture.
Clickjacking scams are becoming more and more common – and dangerous.
Keyjacking is similar to clickjacking, and it’s a worrying trend that was only recently discovered by Sophos’ Naked Security blog. With keyjacking, users are tricked into entering keys on their keyboard that actually do something really bad.
Let’s say you’re trying to download a software program from the internet. You download the seemingly innocent software from a website and are greeted with the usual ‘Run’ ‘Open’ or ‘Save’ dialogue box.
At this point, a CAPTCHA box appears on screen. You have to type letters into that box in order to get around it. The first letter of that CAPTCHA just happens to be ‘R’. And when you type ‘R’, Windows sees that as the shortcut for ‘Run’. Suddenly, your computer is installing the malicious software while you’re still wondering why the ‘R’ didn’t show up in your CAPTCHA box.
In the example below, the CAPTCHA starts with ‘E’, which is the first word of eseguire, the Italian word for ‘run’.
Why it’s a smart scam
You have to admit that both clickjacking and keyjacking are clever scams. Today’s PCs require a number of input commands in order to download files, and these extra steps have saved many PC users from viruses. However, it didn’t take long for virus creators to find a clever way around the scam – tricking users into clicking their mouse and typing in keys.
Furthermore, the creators of the virus have created some VERY enticing pages that most users just can’t resist checking out. Here are a few sample titles:
-“Dirty teacher undresses between the school desks. Don’t miss this video!” (written in Italian)
-“I lost all respect for Emma Watson when I seen this video! Outrageous!” (Omg what did she do now?!)
–“OMG This GUY Went a Little To Far WITH His Revenge On His EX Girlfriend”
–“Don’t click: [link]”
–“Dad walks in on Daughter..EMBARASSING”
–“97% of ALL People Can NOT Watch THIS Video for More Than 25 Seconds”
You get the idea. In most cases, these catchy headlines are accompanied by sexy or intriguing pictures. Although most users won’t fall for these scams, there are always some who do.
How to protect yourself and your PC
Clickjacking and keyjacking scams rely on users speeding through the file download process and not noticing the transparent UI overlays hiding the true nature of the download.
Here are some tips that will reduce the chances of this happening to you:
-Only download software from trustworthy websites
-If a CAPTCHA popup or other dialogue box appears when downloading a file, get into the habit of moving those windows around to see if there is anything hiding behind it
–Turn on your browser’s protective features, like popup blockers, ad blockers, and more
–Download and install PC Cleaner Pro and scan your computer on a regular basis for any problems
–Keep your software updated, especially your antivirus program and your browsers