What is clickjacking and how can hackers steal your confidential data? All you need to know


While browsing some websites, we often come across multiple download buttons or banners.

By ScienceDirect

Read also : This Android malware erases smartphones after stealing money from bank accounts

As soon as you click the wrong download button, it either downloads something else or takes you to an often malicious webpage that seeks to steal your personal information. You, dear user, have now been the victim of clickjacking.

What is clickjacking?

According to imperva, a cybersecurity company, clickjacking is an attack that tricks a user into clicking on a webpage element that is actually disguised as something else. This may be to trick you into downloading infected malware onto your computer or phishing confidential details to take you to a site that looks as genuine as the real deal.

Clickjacking is usually done by displaying an invisible page or HTML element inside an iframe above the page visible to the user. It looks like the user is clicking on something legitimate, but in the background, the link is actually designed to take you somewhere else.

Types of clickjacking

Click hijacking comes in a variety of avatars, but the two main ones that are currently in use are like hijacking and cursor hijacking.

Likejacking is prevalent on the popular social media platform, Facebook. In the Likejacking technique, the Facebook Like button is manipulated to trick users into liking a page they don’t actually intend to like. Imagine, you hit like for a page of a chocolate brand, but it’s actually registered on a scam page selling counterfeit items – and you have no idea.

What is clickjacking and how can hackers steal your confidential data?  All you need to know
Wikipedia

Read also : Fake Android app stole Facebook passwords of 100,000 users through Google Play

Something similar was seen on Twitter where people who just wanted to like a tweet unknowingly retweeted the malicious post, reaching more users along the way.

Cursorjacking, on the other hand, is a UI overlay technique that changes the position of the cursor on a webpage. Imagine, you see the cursor on the screen to the left, but the cursor is actually on the right, just above the malicious link that you shouldn’t click on.

Cursourjacking works with vulnerabilities in Flash and the Firefox browser. However, these have now been fixed. What has also helped is that HTML5 has become the online standard for most sites.

Keep visiting Indiatimes.com for the last science and technology news.

Previous QNAP warns users to disable AFP until it fixes critical bugs
Next cybersecurity guidelines: the government publishes new cybersecurity guidelines