Clickjacking-attacks, Are you aware? – Check list for Facebook users



Clickjacking-attacks, Are you aware?

Yes, clicks can be hijacked too! Clickjacking-attacks are there since 2008 but recently they sprung back to bring the sleepless nights again to the Facebook users with a new wave of Clickjacking attacks.

What is Clickjacking?

Clickjacking-attacks happens once a criminal place any invisible button or some other UI element on the top of an apparently safe web page button. It might read as “Click here to get your holiday voucher” but there is an invisible button on the top which normally –

  • Makes you change your Facebook privacy settings
  • Forces you for “Likejacking” (Nothing but “liking” something that normally you don’t)
  • Tricks you to add yourself as follower for someone non-deserving in Twitter
  • Makes you enable camera/ speaker on your PC

Sometimes the Clickjacking can upload a genuine website and overlay its invisible buttons on top of the website.

How to prevent Clickjacking-attack?

1. Update your Internet browser

If your Internet browser is not updated to the latest version, then you might not stop yourself from getting clickjacked. Hence, you might not get the advantage of rest of the security updates that are part of the latest versions of Firefox, Google Chrome or Internet Explorer. It is wise to update your browser to the latest available versions and even cross-check if there is any more up-to-date version can be installed.

Updating browser plug-ins like Flash is even crucial because few older versions might be vulnerable to Clickjacking attacks. It can be updated by visiting the website of each plug-in maker and download the latest version.

2. Download Clickjacking-attack Prevention Software

There is limited built-in Clickjacking protection in some Internet browsers, whereas some Clickjacking detection plug-ins are available for browsers among which some are free. The two widely known ones are:

I. NoScript which is a free anti-clickjacking Firefox plug-in
II. Comitari which is a Web Protection Suite – Home (Limited Edition)

Prevention of Clickjacking is not only a user-responsibility but also of web application developers. They have a crucial role in stopping the content from being manhandled by Clickjackers. If the users learn on the perils of Clickjacking, then it would be possible for them to recognize the attacks. In addition, it might be possible to make the world free from Clickjackers with the help of coding done by website and web application developers.

Read more – Blog eScan

This entry was posted in eScan 11, eScan 14, MailScan, Security and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *