While browsing through some websites, we often come across multiple download buttons or banners.?
Also Read:?This Android Malware Is Erasing Smartphones After Stealing Money From Bank Accounts
The moment you click on a wrong download button, it downloads something else altogether or takes you to a webpage, often a malicious one that¡¯s looking to steal your personal information. You, dear user, have now been clickjacked.
According to Imperva, a cybersecurity firm, clickjacking is an attack that fools a user into clicking a webpage element that is actually disguised as something else. This can be to lure you into downloading an infected malware into your computer or to phish confidential details to take you to a site that looks as genuine as the real deal.
Clickjacking typically is done by displaying an invisible page or HTML element inside an iframe atop the page that¡¯s visible to the user. The user feels they're clicking on something legit, but in the background, the link is actually designed to take you someplace else altogether.?
Clickjacking comes in a variety of avatars, but the two prominent ones that are currently in use are likejacking and cursorjacking.
Likejacking is prevalent on the popular social media platform, Facebook. In the Likejacking technique, Facebook¡¯s like button is manipulated to lure users into liking a page that they don¡¯t actually intend to. Imagine, you hit Like for a page of a Chocolate brand but the like actually is registered to a scam page selling counterfeit items -- and you have no clue about it whatsoever.?
Also Read:?A Sham Android App Has Stolen Facebook Passwords Of 100,000 Users Via Google Play
Something similar has been witnessed onTwitter where people who simply wanted to like a tweet unknowingly retweeted the malicious post, reaching more users along the way.?
Cursorjacking on the other hand is a UI overlay technique that changes the cursor position on a web page. Imagine, you see the cursor on the screen to the left, but the cursor actually is on the right, right over the malicious link you shouldn¡¯t be clicking on.?
Cursourjacking works with vulnerabilities in Flash and the Firefox browser. However, these have now been fixed. What has also helped is HTML5 becoming the norm online for most sites.?
Keep visiting?Indiatimes.com?for the latest?science and technology?news.