The BullGuard products and services are part of NortonLifeLock Inc., a global leader in consumer Cyber Safety with a portofolio of brands including Norton, Avira and more. Learn more at

Mousetrapping and mousetrap malware - BullGuard


Have you ever felt like a mouse in a trap? Caught in a situation with no way out? The experience can be rather frustrating in real life, but online, it can turn really daunting. By simply browsing the web for information, you can end up:


  • trapped on a site you had no intention of visiting,
  • buying something under pressure, just to “escape” a webpage,
  • unknowingly downloading malicious software that’s after banking credentials – this, of course, if your computer doesn’t have antivirus protection.



What is mousetrapping?


It’s an unethical web practice that keeps users trapped on a particular site. Ill-intended site owners insert in their sites’ structure special code (usually written in JavaScript) that hijacks your browser and controls to prevent you from leaving the site. If you try to close the browser, go back or type a new URL in the address bar, you end up on the same site – the malicious code might disable the “Back/Forward” buttons and even the “close (“X”)” button. In short, you’re “mouse-trapped”.


There are various types of mousetraps. Some open the same page several times and then let you go, some trigger an endless number of page openings, while others prompt pop-up windows or alerts with a certain call-to-action – every time you try to close them, they reappear until you finally give in and perform the action they urge you to take. While the mousetrap isn’t really challenging your antivirus protection, the call-to-action might.


Often times, mousetrapping is part of what internet security specialists call “pagejacking”. Pagejackers register URLs containing misspelled names of famous people, and even create copies of popular websites with similar names. They push up the fake sites in users’ search results, to trick them to visit their sites and not the legit ones.


So what happens exactly? Say you want to visit You type in your search engine “Victoria’s Secret” and a list of related sites show up in your search results. If you do not pay attention to the URL (i.e. the address) of the site, you may end up on the fake site, like Once you’re at that site, the mousetrap kicks in – the malicious JavaScript code directs you and holds you at a site against your will, while exposing you to commercial ads, gambling requests, fake lottery wins or adult content. If you consider that it might as well have been a kid sitting where you are, the forced exposure to inappropriate content takes a whole new internet security dimension, as it can leave mental scars on them.


You may also be urged to purchase something just to escape the mousetrap. But at that point, your privacy will have already been violated. Furthermore, when the mousetrap entails downloading malware on your computer, your internet security can be at high risk, while your antivirus protection – if you have any – can be challenged enough to let the malware mess up your computer system.



Mousetrap malware


With computer malware, things get complicated. While simple mousetrapping doesn’t really trigger computer infections, mousetrap malware targeting computers calls for proper antivirus protection.


How does it work? Cybercrooks insert a Java application (also called “applet” – a program that uses web browsers to provide a user interface) in a popular site. This particular applet is of course malicious. When you visit the respective site, you are urged to install some legit-looking program, for example software that enables streaming, or seamless streaming of audio and video content. If you fall for the “it’s absolutely necessary to install this program” scam and you click on the warning pop-up, it downloads and installs some other form of malware on your computer. From there on, the scam develops into a serious internet security threat. You may even end up with a banking Trojan on your PC, threatening the security of your bank account; when you try to log in to your account, the banking Trojan activates itself and manipulates your browser to show a fake login page that looks exactly like the login page of your bank’s website, but with more information boxes to fill in. Once you enter your banking credentials, cybercrooks get hold of them and take over your money.



How to protect yourself? Use common sense and strong antivirus protection!


  • If you ever find yourself “mousetrapped” on a webpage, try disabling the JavaScript functionality in your browser.
  • If you’re still trapped, and you get bombarded with an infinite number of page openings in your browser, press CTRL+ALT+DELETE to terminate the process. The last solution to resort to, if that doesn’t work either, would be restarting your system.
  • Don’t install just any program suggested in a window popping up on a site. Be wary if that happens. Check if the applications on your PC need updates and then proceed to update them. Also, always keep your antivirus software up-dated.
  • As stated above, install a strong antivirus program that can put up with any malicious software lurking on the internet. BullGuard Antivirus 12 provides proactive antivirus protection thanks to its dual antivirus engine, which brings together Signature-based and state-of-the-art Behavioural detection methods. This way, it can spot even the newest forms of viruses, Trojans and other malware, and keep your computer healthy at all times.

Was this article helpful?