The research identified three categories of click interception techniques:
- Modifying the destination URL of hyperlinks to lead users to malicious websites upon clicks.
- Adding click event listeners to manipulate user clicks.
- Visual deception, for example, by creating web content that is visually similar to first-party content, or displaying transparent elements on top of the web page. The former will trick users into clicking third-party element, and the latter enables the transparent elements to capture all user clicks on first-party content. Consequently, the users can be led to a page controlled by the attackers.