STOTW – Clickjacking

Clickjacking is a Web browser exploit that has plagued users in recent years. It has been one of the most common attacks by spammers on Facebook.

Clickjacking takes advantage of the multi-layer structure of Web pages.  A common use of this exploit is to place an “overlay page” on top of an existing page that contain link buttons which invisibly cover the displayed buttons. Whenever the visible button is clicked, the user is actually clicking on the hidden button which redirects them to another site – usually malicious.

There is no real fix for this issue at the moment.  Therefore, it is more important than ever for users to be extra vigilant when clicking on buttons and links.

Note that Firefox users can take advantage of the NoScript plug-in to get some  protection from clickjacking attempts.

 

Comments are closed.