Terms for new Internet scams seem to pop up as frequently these days as the toadstools in our rain-soaked yards.
One of the latest: “clickjacking.”
Our modern lexicon has gone from “hijacking” to “carjacking,” and now to “clickjacking,” and its close relative, “likejacking.” These new Internet scams are worth acquainting yourself with, so you don’t find yourself victimized by their perpetrators.
Just as they can take over an airplane or a car, those with devious intentions can hijack the click you make when you think you are simply clicking on a “register now” button, or a “like” button on a website. You may be activating a scam that was set up by fraudsters that can do things like change the settings on your computer, or place an online order for something you do not want.
How the scam works
Like many online phishing scams, clickjacking can start with an e-mail, social media message or text that directs you to a website where you may, in one prevalent example, “enter for a chance to win!”
Scammers have become experts at making their messages look authentic, with all of the logos and colors of legitimate, well-known businesses. They may pose as a major chain store that is giving away something desirable like a free iPad.
Their message will contain a link that you are instructed to click on to take you to the website where you can “enter to win.” Don’t do it.
When you get to that site, even though it looks normal it will have hidden links placed there by a Web-design trick that can put invisible layers over the layer that you see on your computer screen. While the area in which you click may say one thing, the invisible layer that has been placed over it may make your click mean something else altogether.
A similar scamming technique, called “likejacking,” can trick you into clicking to “like” something on a social media site. Typically you could get an attention-grabbing message that reads: “You’ll never believe this shocking news about (insert a popular celebrity’s name).”
Even if you click to see what it is you could activate a code that “likes” the webpage and publicizes the link on your newsfeed. The real page may contain pornography or malicious code.
Identifying Facebook scams
Here are four red flags to watch for that can help you spot a scam on Facebook, as identified by www.darkreading.com, a site about cyber security that is written by IT professionals:
• Salacious or shocking content is used to draw attention. Posts that promise a peek at a celebrity sex video or something gruesome can be luring people into a clickjacking scam.
• Extra steps are required before you can view content. Survey scams on Facebook may ask you to complete a questionnaire to receive a prize, or to view a video.
• Promised content is connected to a recent news event and claims to be an extraordinary image, like a view of a recently deceased celebrity.
• There is a claim about a change in Facebook policy, like an app that enables you to see who has viewed your profile or a privacy setting change.
Safeguards against clickjackers
• Always click with caution and avoid sensationalism.
• Keep your computer’s browser updated and be sure you have up-to-date antivirus software installed.
• Remember to log out of social media and online retailer sites, and don’t use “remember me” features.
• Watch for fake sites that may look like the real thing.
Diligence is required to keep your clicks from getting clickjacked. If you are victimized by Internet fraud, www.USA.gov has a list of government Web resources to help you.