One day, you're surfing the web, just meandering around, and you suddenly notice your web cam is on and broadcasting.
Hope you're not in your jammies.
You may have been click-jacked.
Click-jacking involves the use of "hidden" links on a web page.
You see a link to an interesting picture, video, article, or web page and naturally you click the link, executing a hidden "script"or link that may: turn on your web cam and microphone, download malware to your computer, change your Facebook security settings, etc.
Is this attack widely used? No, the click jacking attack is not as prevalent as Phishing schemes, but can still be very nasty if it happens to you.
One of the worst sites for click jacking? Facebook.
How to protect yourself? Facebook has implemented new security procedures to prevent click jacking including new authentication login approvals.
Facebook's billion plus users will continue to be a prime target of hackers.
Knowledgeable users are still the best defense against click-jacking.
Use some common sense when clicking on links in Facebook: if you're friends with a Nun and you receive a link from her that says "sexy, hot, must see now", odds are she didn't send you the link.
Most of the click-jacking done via Facebook will use provocative language, so be aware and be careful.
The Adobe Flash player has also been a target of click jacking.
Clicking on an infected link would change your security settings, allowing the attacker to turn on your microphone and web cam.
Adobe has fixed this particular security vulnerability.
(If you haven't updated Adobe Flash in a while - you might want to do that right now.
) Most Internet security suites (free and paid versions) will stop malware downloads to your computer, but will not prevent you from clicking on a link and spamming your friends on Facebook or twitter.
All modern browsers are taking steps to prevent this type of attack, and you may protect yourself completely by turning off scripting and ActiveX controls: can we say good bye You Tube videos and much of the web.
You may selectively allow some sites you trust to run ActiveX and scripting, but very few people will choose this level of safety as it infringes on their ability to surf the web easily.
The very things we love about the internet: instant communication with our friends and family, watching videos, playing online games, searching for information about anything and everything, are the very things that put us in danger.
The one sure fire way to be completely safe: don't surf the web.
Short of that rather drastic action: use the available tools (security suites, updating software) and your brain to minimize your risk.
Think before you click.
Hope you're not in your jammies.
You may have been click-jacked.
Click-jacking involves the use of "hidden" links on a web page.
You see a link to an interesting picture, video, article, or web page and naturally you click the link, executing a hidden "script"or link that may: turn on your web cam and microphone, download malware to your computer, change your Facebook security settings, etc.
Is this attack widely used? No, the click jacking attack is not as prevalent as Phishing schemes, but can still be very nasty if it happens to you.
One of the worst sites for click jacking? Facebook.
How to protect yourself? Facebook has implemented new security procedures to prevent click jacking including new authentication login approvals.
Facebook's billion plus users will continue to be a prime target of hackers.
Knowledgeable users are still the best defense against click-jacking.
Use some common sense when clicking on links in Facebook: if you're friends with a Nun and you receive a link from her that says "sexy, hot, must see now", odds are she didn't send you the link.
Most of the click-jacking done via Facebook will use provocative language, so be aware and be careful.
The Adobe Flash player has also been a target of click jacking.
Clicking on an infected link would change your security settings, allowing the attacker to turn on your microphone and web cam.
Adobe has fixed this particular security vulnerability.
(If you haven't updated Adobe Flash in a while - you might want to do that right now.
) Most Internet security suites (free and paid versions) will stop malware downloads to your computer, but will not prevent you from clicking on a link and spamming your friends on Facebook or twitter.
All modern browsers are taking steps to prevent this type of attack, and you may protect yourself completely by turning off scripting and ActiveX controls: can we say good bye You Tube videos and much of the web.
You may selectively allow some sites you trust to run ActiveX and scripting, but very few people will choose this level of safety as it infringes on their ability to surf the web easily.
The very things we love about the internet: instant communication with our friends and family, watching videos, playing online games, searching for information about anything and everything, are the very things that put us in danger.
The one sure fire way to be completely safe: don't surf the web.
Short of that rather drastic action: use the available tools (security suites, updating software) and your brain to minimize your risk.
Think before you click.
Source...