clickjacking


Also found in: Dictionary, Thesaurus, Legal, Wikipedia.

clickjacking

A malicious action such as stealing confidential information that is perpetrated against a user who is browsing a website. The user is "hijacked" by "clicking" a link on a contaminated Web page that executes the malware. The buttons may appear legitimate, but users are actually clicking buttons on a transparent layer they cannot see. The buttons can cause anything to happen, including making a purchase.

Likejacking and Sharejacking
Numerous clickjacking scams have been perpetrated on Facebook. For example, Facebook Like and Share buttons have been hidden under other buttons so that, when clicked, users would voice their preference for something or share something with their friends unknowingly in order to generate viral marketing for a product or to propagate malware. See CSRF and hijacking.
References in periodicals archive ?
Selis said schemes such as clickjacking had grown more pervasive, and that millions of Facebook users had probably been exposed to Adscend's spam.
Clickjacking is a term that describes attacks that allow malicious website publishers to control the links visitors click on.
Security experts are warning that 'Clickjacking' is the latest method by which people are being tricked into revealing confidential information online.
It may be from stolen credentials, hijacked browsers or clickjacking. At the moment we are not sure because this research is still ongoing.
Lyons said scammers target Facebook users and proliferate the method of "clickjacking." It is a technique used to trick online users into clicking hidden links and buttons.
1, 2011, 5:39 PM), http://www.zdnet.co.uk/news/security-threats/2011/08/01/ enisa-w3c-web-standards-pose-51-security-threats-40093582/ (defining "clickjacking" as when "a user is fooled into clicking on a seemingly innocuous web object such as a button, which then reveals confidential information").
The scams include cross-site scripting, clickjacking, bogus surveys and identity theft.
The scams include cross-site scripting, clickjacking, bogus surveys and identity theft, said IT security and data protection firm Sophos in a report.
Worst, as (http://www.news.com.au/travel/travel-updates/fake-cnn-accounts-post-hoax-tweets-claiming-to-have-found-malaysia-airlines-flight-mh370/story-fnizu68q-1226863630624) News.com.au notes, is that the fake posts include what is known as 'clickjacking' scams, which leads users into promotional websites and potentially comprise the security of one's account.