How fraudsters can hijack your browser

Web browsers can be vulnerable to hijacking

Staying safe online is an important way of protecting your personal and financial data. Fraudsters like to use weaknesses in technology to try and gather information that can then be used to commit crimes. One such method is hijacking web browsers – software like Chrome, Firefox or Internet Explorer – to take control of computers.

What is browser hijacking?

Browser hijacking is a form of hacking in which malicious software changes a user’s browser settings without their knowledge or permission. Anyone who has ever been redirected to a website they didn’t intend to visit, found that their default browser has changed of its own accord, or been subjected to a series of pop-up ads, has most likely had their browser taken over by “malware”.

It’s reasonably easy to fall prey to browser hijacking. You can pick up malware by downloading software, clicking on an email attachment or visiting an infected site. It’s also quite common – a recent study suggested that in the second half of 2017, on average, 795 new malware specimens were discovered per hour.

It can sometimes be difficult to spot if your browser has been hijacked. Adverts might appear to be normal pop-up or display ads, and malware may just run in the background without really changing how your browser works.

Why do fraudsters hijack browsers?

In most cases, browser hijacking is a crude – if deeply annoying - scam designed to redirect users to sites or ads where extra clicks generate revenue for the hackers. It can be dangerous, however, depending on the kind of malware involved. For example, “spyware” can gather personal data such as banking details and email passwords, leaving the user vulnerable to identity theft.

A recent study by Cifas found  that there were almost 175,000 cases of identify fraud recorded in 2017, an increase on the previous year.

This is a worrying trend for many consumers – a recent survey found that identity theft is a top worry for Brits.

Once fraudsters have stolen personal data, they can then either sell it online or use it themselves to commit identity fraud.

How to avoid browser hijacking and identity theft

There are a number of ways to minimise the risk of browser hijacking and protect your personal data while online.

  • Update your browser software regularly. In many cases, software updates will feature responses to specific bugs, hacks or intrusions.
  • Use good security software – you may find anti-virus software from Bitdefender, McAfee, Webroot or Norton pre-installed on your device.
  • If you download free software, make sure it’s from a reputable site and read the fine print – you may unwittingly agree to install malware if you skip over the end user licence agreement (EULA).
  • Don’t open email attachments from people you don’t know.
  • Never give personal information unless you’re sure who’s asking for it. Banks and financial organisations will never ask for private data online.

You should also make sure you regularly change your password and avoid using the same password for multiple accounts. If one account is breached, the password may then be used to access all your other accounts. You can read more about this in our article on how to pick a strong password.

If you are worried about the security of your personal data, your Equifax Credit Report & Score (which is free for the first 30 days then £14.95 monthly) comes with WebDetect, which alerts you if we find your personal data on websites used by fraudsters.

Related Articles