clickjacking

(redirected from clickjack)
Also found in: Dictionary.

clickjacking

A malicious action such as stealing confidential information that is perpetrated against a user who is browsing a website. The user is "hijacked" by "clicking" a link on a contaminated Web page that executes the malware. The buttons may appear legitimate, but users are actually clicking buttons on a transparent layer they cannot see. The buttons can cause anything to happen, including making a purchase.

Likejacking and Sharejacking
Numerous clickjacking scams have been perpetrated on Facebook. For example, Facebook Like and Share buttons have been hidden under other buttons so that, when clicked, users would voice their preference for something or share something with their friends unknowingly in order to generate viral marketing for a product or to propagate malware. See CSRF and hijacking.
Mentioned in ?
References in periodicals archive ?
lt;p>Clickjack Prevention<p>New in the IE8 release candidate, Clickjack Prevention allows Web content owners to put a tag in the page header that will block clickjacking, a type of cross-site scripting that uses embedded code to tricks users into clicking on a link that appears to perform another function.
A free plug-in called NoScript, built for the Firefox web browser, includes pop-up warnings about potential clickjacks, but will also query clicks on Flash videos, commonly used on many websites - and it is not easy to install, said Mr Cluley.