Are you using IE8?

If you are using Internet Explorer 8, then you owe it to yourself to check out these examples of how you are NOT protected from click jacking attacks. The techniques used in this YouTube video are opacity (using an invisible page) and placement (using a “hole” in the page to trick users). As you will quickly see, it isn’t difficult for someone to create a web page that tricks IE8 users into doing things unintentionally. In this case, it involves tricking users into buying products from Amazon.

Note that the tutorial shows that the URL listed at the bottom of page shows that clicking the link takes the user to an Amazon page. If you ever needed proof that it is important to pay attention to this part of your browser, then here you go. Clickjacking attempts often fail to mask this part of their attacks. Scammers know that few people read that part of their screens anyway, so what’s the point of trying to hide it?

This video suggests using GuardedID to recognize clickjacking attacks. I second that suggestion. But I also think that we should all be more careful to use the tools that we already have before we start looking for  other options that will solve our problems without asking us to change our internet behavior.

Advertisements
Explore posts in the same categories: Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: