Definition:
Clickjacking is a type of attack where a malicious actor tricks a user into clicking on an invisible or disguised element on a web page, leading them to perform unintended actions such as downloading malware or sharing personal information.
Use Cases:
- Used by attackers to trick users into clicking hidden buttons or links that perform malicious actions.
- Employed in phishing attacks to steal sensitive information, such as login credentials.
Questions and Answers:
- How do attackers execute a clickjacking attack?
Attackers layer malicious content over legitimate web pages using iframes or similar techniques, tricking users into clicking on hidden or disguised elements.
- What are the consequences of a clickjacking attack?
Clickjacking can lead to unwanted actions such as downloading malware, sharing sensitive information, or making unintended financial transactions.
- How can websites defend against clickjacking?
Websites can implement frame-busting techniques, such as the X-Frame-Options HTTP header, to prevent malicious framing of their content.
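The header check described above, as an added example that is not part of the original entry: a small audit function that classifies a response's anti-framing protection. It goes beyond the entry by also reading the Content-Security-Policy `frame-ancestors` directive, the newer counterpart to X-Frame-Options; the function names, verdict labels and sample headers are assumptions made for illustration.

```python
# Added example: audit HTTP response headers for anti-framing protection.
# Function names, verdict labels and sample headers are constructed here.

VALID_XFO = {"deny", "sameorigin"}

def frame_ancestors(csp):
    """Return the frame-ancestors source list from a CSP value, or None."""
    for directive in csp.split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.lower() for p in parts[1:]]
    return None

def framing_verdict(headers):
    """Classify a response as 'protected', 'review' or 'unprotected'."""
    h = {k.lower(): v for k, v in headers.items()}
    sources = frame_ancestors(h.get("content-security-policy", ""))
    if sources is not None:
        # An enforced frame-ancestors directive takes precedence over
        # X-Frame-Options in browsers that support it.
        if sources in (["'none'"], ["'self'"]):
            return "protected"
        if any(s in ("*", "http:", "https:") for s in sources):
            return "unprotected"  # effectively any site may frame the page
        return "review"           # custom source list: check each origin
    xfo = h.get("x-frame-options", "").strip().lower()
    if xfo in VALID_XFO:
        return "protected"
    # ALLOW-FROM is obsolete and unsupported in current browsers; any other
    # value is malformed. Both are flagged, as is a missing header.
    return "unprotected"

# Constructed sample responses (not captured from any real site).
SAMPLES = [
    {"X-Frame-Options": "DENY"},
    {"X-Frame-Options": "ALLOW-FROM https://partner.example"},
    {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'"},
    {"Content-Security-Policy": "frame-ancestors *", "X-Frame-Options": "DENY"},
    {},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(framing_verdict(sample), sample)
```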