What is Clickjacking?
Clickjacking (or "UI Redressing") is a form of malicious online activity where the victim is tricked into clicking something different from what they perceive. This usually involves the malicious actor creating a transparent clickable layer directly on top of a perceived element. The actor, thinking they are interacting with this seemingly top-level element, unknowingly interacts with the other.
This often reroutes them to another page, likely owned by the malicious actor, but may also lead the victim into unknowingly giving consent to certain permissions, making purchases, or downloading malicious software.
How can I defend myself against clickjacking?
Clickjacking attempts, unlike some other forms of malicious online activity, can be difficult to recognize at first glance. This is why you must implement proactive measures to detect and prevent the possibility of clickjacking when viewing web pages. For example:
- Frame-Busting Scripts - Defensive code that prevents a web page from being loaded within an inline frame (an element used to embed another web page within a specific region of the current one).
- X-Frame Options - An HTTP options header that controls whether your web page allows framing from other domains.
Enterprise 2FA and password manager. One key for all your passwords. Experience fully automated login and security. Faster MFA, auto-OTP, password manager, and worry-free workflow with proximity-based privileged access management for Windows 11, 10, 8, 7, VPNs, desktop applications, and websites.
or call 240-547-5446
