The Basics of Clickjacking

Clickjacking is a method that cybercriminals often use to trick internet users into revealing confidential information by creating transparent web pages over those that look legitimate.

Clickjacking, as it was coined by Robert Hansen and Jeremiah Grossman of BlackHat Security, is also known as UI redressing. Even though it did not receive its popular name until 2008, web browse vendors have known about the problem since about 2002.

The Clickjacking Technique

Clickjacking takes advantage of a common vulnerability in many web browsers that allows programmers to embed code that tricks the user into believing that an object on the page performs one task when it really does something completely different.

It’s a rather sophisticated technique, and many web browsers are still acutely susceptible to methods used by tech-savvy clickjackers.

Common Clickjacking Examples

An innovative web designer with coding experience can use clickjacking techniques in a variety of ways. Any clickable object on the page can, theoretically, become hijacked by cybercriminals.

Some of the most common examples of clickjacking include

  • Redirecting links away from their intended targets.
  • Buttons that sign individuals up to follow Twitter accounts without their knowledge.
  • Tricking members of social networking sites like Facebook and Myspace to reveal their login information.

Learning about Clickjacking Threats

This blog will follow the continued efforts of web browser vendors to combat clickjacking in an attempt to educate internet users about the threats that clickjacking poses. I will also offer information about the latest clickjacking techniques that cybercriminals use to trick us into doing things without our knowledge.

Clickjacking is a serious problem that continues to plague the internet even as browsers search for ways to prevent cybercriminals from using the technique.

This blog will also provide everyone with a place to discuss their experiences with clickjacking. Thousands of people have fallen victim to this fraud. I admit that even I have had some experience as a clickjacking victim myself. As we delve into specific instances of clickjacking, I think that all of us will learn important lessons that will offer improved online protection.

Advertisements
Explore posts in the same categories: Uncategorized

Tags: , , , ,

You can comment below, or link to this permanent URL from your own site.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: