Tuesday, January 18, 2011

ClickJacking Attacks on the Internet

Clickjacking attacks on the Internet may occur when you go to a rogue website.  A fake " spyware"  or " virus"   warning may appear, asking you to click on a link to " fix"  it.  Oftentimes, clicking on the link will install malware in your computer.  Be careful!

As more and more people get onto the Internet, the culture has changed dramatically.  And since most people are unsophisticated about computers, they can get into a lot of trouble, in a hurry.  The Internet was designed with few checks and balances, and as I noted before, in the early days, the only thing preventing spammers and other lowlifes from proliferating was social pressure from peers.

One scam that pops up again and again, is the fake website that loads a trojan into your computer.  A popular version of this is the Vundo trojan.  Suddenly, a popup appears on your computer, saying that Windows has detected spyware or a virus, and to "click here" to fix it!

But if you are astute, you may realize that Windows has no built-in adware or spyware or virus protection, and moreover, it would not spontaneously "detect" this when you visit a website.

The best thing to do is to close your browser.  In some instances, attempting to close the browser may cause more pop-ups to appear.   NEVER CLICK ON THESE EVEN IF THEY PURPORT TO SAY THEY WILL CLOSE THE BROWSER OR TAB.  If all else fails, use CTRL-ALT-DEL and start Task Manager to shut down Explorer or Firefox or whatever browser you are using.

NOTE that Facbook typo sites (Facebok or Faceboook) will play an audio clip saying you have been chosen for a "survey".  These surveys ask for personal information, often a cell phone number, so that they can "slam" you with a service you don't want, that is hard to remove from your cell phone bill.  And yes, trying to close your browser just causes more fake pop-ups to appear, asking you if you really want to close the browser.  Play it safe, do not click on these, just close the browser using Task Manager.

And by the way, what is up with that?  Facebook is supposedly the "most popular site on the Internet" and yet they cannot obtain the Facebok and Faceboook domain names under the anti-cybersquatting act?  Facebook doesn't seem to have your best interests at heart, do they?

Once a Trojan like Vundo gets into your computer, it can be hard to get rid of.  If you can, you might be able to use Windows "restore" feature to go back a day or two (before the trojan was loaded) to restore your system.  Trojan Removal Tools, like fixvundo might work, but often even they are not able to remove every last bit of this nastiness.  Re-installing windows is another solution, and yes, I have had to do this on two occasions.

How do you end up on these rogue websites?  Well, it ain't just porn sites that will trigger such problems.  I have found that many rogue sites use IEEE articles or other data as "bait" to get people to click (possibly because they are targeting government computers) and when you get to the site, all heck breaks loose.

Google and other search engines attempt to protect you from such sites, by blocking sites with known malware.  Running Spybot TeaTimer or other software will protect your computer from unauthorized registry changes.  And it goes without saying that you should bookmark your commonly used sites and use those bookmarks, to avoid typo look-alike websites.

1 comment:

  1. One way to avoid these attacks is to put Adblockplus on your computer.

    Google actually takes ad dollars from malware sites, and often the first hit on Google (the ads) are for sites that download malware into your computer (the search redirect trojan, for example).

    This nearly happened to me the other day, but fortunately, my malware scanning software caught it in time.

    Adblock plus cuts out all those ads. Shame on Google.




Sorry, Comments have been disabled due to the large amount of SPAM and TROLLING as well as GROOMING comments. Thanks for reading, though.

NOTE: Blogger says below that "only members may comment" - however comments have been disabled and I have no idea how to make someone a "member". Sorry!

Note: Only a member of this blog may post a comment.