Clickjacking

Clickjacking (also known as ‘UI redressing’ and ‘IFRAME overlay’) involves tricking someone into clicking on one object on a web page while they think they are clicking on another. The attacker loads a transparent page over the legitimate content on the web page, so that the victim thinks they are clicking on a legitimate item when they are really clicking on something on the attacker’s invisible page. In this way, the attacker is able to hijack the victim’s click for their own purpose. Clickjacking could be used to install malware, to gain access to one of the victim’s online accounts, or to enable the victim’s webcam. A variation of this technique, known as ‘likejacking’, involves tricking people into ‘liking’ or ‘sharing’ a status update.
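
An IFRAME overlay depends on the browser agreeing to render one site's page inside a frame on another site, so a defender's first check is whether a response forbids that. The following is an added example, not part of the original entry: it classifies a response's `X-Frame-Options` and CSP `frame-ancestors` headers. The function names, result labels and sample header values are illustrative assumptions.

```javascript
// Added example: classify how a response restricts being framed by other sites.
// Result labels are this example's own; header values in the tests are constructed.
const RANK = { unprotected: 0, allowlist: 1, 'same-origin': 2, blocked: 3 };

function classifyFrameAncestors(sources) {
  // An empty source list matches nothing, the same as a lone 'none'.
  if (sources.length === 0 || (sources.length === 1 && sources[0] === "'none'")) {
    return 'blocked';
  }
  // A bare wildcard or a scheme-only source (e.g. https:) lets almost any site frame the page.
  if (sources.some((s) => s === '*' || /^[a-z][a-z0-9+.-]*:$/.test(s))) return 'unprotected';
  if (sources.every((s) => s === "'self'")) return 'same-origin';
  return 'allowlist';
}

function framingPolicy(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);

  // Comma-separated policies are each enforced, so the strictest verdict is reported.
  const verdicts = [];
  for (const policy of (h['content-security-policy'] || '').split(',')) {
    for (const directive of policy.split(';')) {
      const [name, ...sources] = directive.trim().split(/\s+/);
      if (name.toLowerCase() === 'frame-ancestors') {
        verdicts.push(classifyFrameAncestors(sources.map((s) => s.toLowerCase())));
        break; // only the first frame-ancestors in a policy is used
      }
    }
  }
  if (verdicts.length > 0) {
    return verdicts.reduce((a, b) => (RANK[b] > RANK[a] ? b : a));
  }

  // No enforced frame-ancestors: browsers fall back to X-Frame-Options.
  const xfo = (h['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY') return 'blocked';
  if (xfo === 'SAMEORIGIN') return 'same-origin';
  return 'unprotected'; // header absent, obsolete ALLOW-FROM, or an invalid value
}
```

A `Content-Security-Policy-Report-Only` header is deliberately not consulted, because it reports violations without blocking the frame.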