Browser Hijacking, Malware Pop-Ups, and “Legit-Looking” Phishing – It’s a Wild Web

“Jack” says he was framed. This political refugee from the former Soviet Union ended up spending 180 days in jail and is stuck with a felony sex offender record for the rest of his life. When Jack told Wired Magazine his story back in 2004, a lot of people rolled their eyes. Authorities had raided Jack’s home and found “compromising images of children” on his laptop. Just another perv who ended up with a rather light sentence, all things considered, right? But decades later, more are willing to at least give Jack a measure of the “benefit of the doubt.” The convicted man (he took a plea bargain rather than go to trial) maintains his innocence. His explanation? First, Jack says he thought the images might have belonged to a previous owner, as the laptop was second-hand. Later he came to believe that his browser had been hijacked. –Can browsers be highjacked… or is “Jack” full of it?

Hijacking A Browser Is Easier Than You Think – Use a Safe Browser App

Browsers can indeed be highjacked and bad actors have gotten a lot better at doing it since the early 2000s. Hacker’s hijack via malicious programs that change browser settings. This is why experts recommend adding a layer of security by using so-called safe browsing apps when online. Web Of Trust or WOT is one of the more popular options as it relies on both AI algorithms and a huge community database to spot red flags. It also blocks pop-ups, while alerting you to pages or links – in real-time – that are problematic. The most common hijacking method in the past was for the malware program to alter a search page or a default start page, but increasingly, they’re using pop-up ads. These could be pop-ups for porn – but not necessarily. Cybercriminals aren’t dumb; they know most of us avoid suspicious-looking, nasty pop-ups. So, they’ve evolved. It could be an innocuous pop-up add, that when clicked, adds bookmarks to “my favorites,” and – should you mistype a URL – redirects you to dangerous, or illegal, websites.

Much of the time, getting “hijacked” is more annoying than life-ending. The malware redirects users to sites or ads, to get more “clicks” so some e-criminal can make a few cents. However, should you be unlucky, the malware could be a lot more toxic. The majority of cybersecurity experts who’ve looked over Jack’s story have some doubts. There are a few things that don’t add up and he could in fact just be another weirdo… but the fact that it’s even possible for something like this to happen – and ruin someone’s life – is terrifying. Or the hack might insert spyware, snatching up passwords, banking details, and more. Then, all of sudden, you find yourself a victim of identity theft, one of the fastest-growing web crimes.

Cybercrime Skyrockets – Yet Most People Don’t Think They’re a Target

In 2020, reports in the U.S. of identity theft and fraud associated with it shot up to more than double the number in 2019. Of late, the schemes have been more often than not related to unemployment benefits or some Covid relief funding, but FTC spokesman Jay Mayfield notes that thieves “also hijacked other people’s identities to obtain driver’s licenses, passports, and other government-issued documents.”

All that to say that despite the strong protection provided by Google’s Chrome or Apple’s Safari, e-criminals have workarounds. There’s a perception that only the elderly, who may not be familiar with the basics of protecting yourself online, or the extremely gullible – such as those who respond to “Hello, I am a Nigeran Prince with 10 billion buckets of gold in my basement” emails are vulnerable. This is not the case. We all overestimate our web awareness.

In mid-2020, the well-known and respected Indian lead national news anchor and journalist Nidhi Razdan quit her job. She had gotten a very official-looking email letter from Harvard offering her a teaching position. As she tweeted: “Later this year, I start as an Associate Professor teaching journalism as part of Harvard University’s Faculty of Arts and Science.” Exciting stuff… except, Harvard doesn’t have a school of journalism, nor does the famed university have any departments with professors of journalism. Razdan, a smart, educated journalist, had been snared in a phishing attack. Why did the bad guys go through all the trouble of sending Razdan documents with logos and letters of intent and the rest? –It’s not clear, but maybe for as simple a reason as wanting to get into her devices and social media accounts.

This is the world we live in, folks. Hackers are willing to put in great efforts in the hopes of reaping what can seem like small rewards. But, when the crimes are added up, the loot adds up… astronomically. It’s estimated that cybercrime will cost the world over US$10 trillion annually from 2025 onward. We can, however, try to make life as hard as possible for these miscreants. Use strong passwords and update them more frequently, check fishy-looking sites by going to a site like WOT.com and entering the URL, and download and use a safe browser that works on all devices. Hackers have been compared to predators, and if there’s one thing predators have in common, it’s that they look for easy meals. By simply making things a little more of a hassle for them, they often give up and move on. Don’t be a 2021 statistic. Fortify your browser and stay safe.