While browsing some websites, we often come across multiple download buttons or banners.
Read also : This Android malware erases smartphones after stealing money from bank accounts
As soon as you click the wrong download button, it either downloads something else or takes you to an often malicious webpage that seeks to steal your personal information. You, dear user, have now been the victim of clickjacking.
What is clickjacking?
According to imperva, a cybersecurity company, clickjacking is an attack that tricks a user into clicking on a webpage element that is actually disguised as something else. This may be to trick you into downloading infected malware onto your computer or phishing confidential details to take you to a site that looks as genuine as the real deal.
Clickjacking is usually done by displaying an invisible page or HTML element inside an iframe above the page visible to the user. It looks like the user is clicking on something legitimate, but in the background, the link is actually designed to take you somewhere else.
Types of clickjacking
Click hijacking comes in a variety of avatars, but the two main ones that are currently in use are like hijacking and cursor hijacking.
Likejacking is prevalent on the popular social media platform, Facebook. In the Likejacking technique, the Facebook Like button is manipulated to trick users into liking a page they don’t actually intend to like. Imagine, you hit like for a page of a chocolate brand, but it’s actually registered on a scam page selling counterfeit items – and you have no idea.
Read also : Fake Android app stole Facebook passwords of 100,000 users through Google Play
Something similar was seen on Twitter where people who just wanted to like a tweet unknowingly retweeted the malicious post, reaching more users along the way.
Cursorjacking, on the other hand, is a UI overlay technique that changes the position of the cursor on a webpage. Imagine, you see the cursor on the screen to the left, but the cursor is actually on the right, just above the malicious link that you shouldn’t click on.
Cursourjacking works with vulnerabilities in Flash and the Firefox browser. However, these have now been fixed. What has also helped is that HTML5 has become the online standard for most sites.
Keep visiting Indiatimes.com for the last science and technology news.