South Africans have been warned against an increase in clickjacking scams, especially when it comes to mobile fraud.
There are a number of scams which aim to dupe users into installing malicious software or making it easier to access their bank accounts or other financial accounts.
One of the top two ways scammers try to gain access to your mobile is through clickjacking. According to French anti-fraud firm Elvina, 60% of scams are through clickjacking in the Middle East and Africa.
What is clickjacking?
Clickjacking is also called a UI redress attack. They try and make it look like a link is legitimate, thereby tricking a user into clicking it.
The "hijacking" part relates to the fact that these are often overlayed onto another link which is legitimate on a page. Therefore, users can't identify that it is a malicious link until it's too late.
This is what makes it trickier than some other scams. Often fraudsters use a spam email or website which a user might immediately want to click out of or "delete" and then place the malicious link over the delete button.
This means that even if the user were trying to be smart and remove a page that appeared to be malicious, they fell directly into the trap.
How to protect yourself
As a user there is no real way to protect yourself from clickjacking. As explained they are well hidden so even though you should always take extra care when clicking on links, its possible you could still get trapped.
The prevention has to come from the websites themselves. There are a few ways website owners can protect themselves and their users.