Posted on 02/24/2025 4:57:00 AM PST by LouAvul
The Wagoner County Sheriff's Office is warning of a new scam where hackers are compromising accounts using clickjacking.
WCSO said clickjacking is an old scam with a new variation.
Clickjacking is an method where hackers, scammers or other criminals hijack your clicks on one website, to perform malicious actions on another site. You might think you are clicking a button on the site you are currently browsing, but that click will be used for something different.
WCSO said hackers have now added another click to this attack method to get around modern browsers no longer sending cross-site cookies.
In the attacks using the new variation, hackers first lead potential victims to a phishing site. On the phishing site, a notification appears prompting users to double-click a button to prove they are human. Hackers use these clicks to load a sensitive page.
WCSO said the first click closes the top window and the second click goes to the sensitive page to approve authorization or grant permission. The attack method can also be used to perform one-click account changes like disabling security settings, deleting an account, authorizing access for money transfers or confirming transactions.
WCSO reminds you to think before you click whether it is a link in an email, text message or button on a website.
WCSO reminds you to think before you click whether it is a link in an email, text message or button on a website.
...and then what?
good info
would this include emails or texts re: we’re interested in buying property you own in wagoner cty, OK?
Dunno. I was hoping a FRpr could clarify cause it’s clearly not confined to OK.
This looks like “news you can’t use”. No examples, no “here’s how you could tell”, no specific actions are given. Just “be careful”.
Use a separate login on each site and don't let a password manager upload your credentials automatically, without your intervention being required.
In essence, having a separate login for every site and copying and pasting the ID and password from a password manager, is best.
Couple that with logging out when you are done on a site, and you have taken almost all the concern away.
Information like this is helpful. I had a problem with my computer and my “go to guy” said it was malware from clicking on popups when I play solitaire - items that I have previously looked up and have an interest in or from googling a store name instead of using a URL. In that case I was looking for a phone number for a nearby Walgreens.
I didn’t know that either were NO NO but I learned fast...probably the last person here to know that. I’m not able to get my computer to him as I use a desktop so my computer guy comes to me (guess he’s not “go to” then) and he was here in about 15 minutes after I called him. I still see the popups but resist....
My home town! Interesting.
What solitaire are you playing, is it on your pc?
Yes....at home - senior citizen..
Have you tried some of these possible solutions?
How about this one?
200 Malicious GitHub Repos Attacking Developers to Deliver Malware
https://cybersecuritynews.com/200-malicious-github-repos-attacking-developers/
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.