Clickjacking

In a clickjacking attack, the user is presented with a false interface, where their input is applied to something they cannot see

Clickjacking (classified as a user interface redress attack or UI redressing) is a malicious technique of tricking a user into clicking on something different from what the user perceives, thus potentially revealing confidential information or allowing others to take control of their computer while clicking on seemingly innocuous objects, including web pages.[1][2][3][4][5]

Clickjacking is an instance of the confused deputy problem, wherein a computer is tricked into misusing its authority.[6]

  1. ^ Robert McMillan (17 September 2008). "At Adobe's request, hackers nix 'clickjacking' talk". PC World. Archived from the original on 17 July 2015. Retrieved 8 October 2008.
  2. ^ Megha Dhawan (29 September 2008). "Beware, clickjackers on the prowl". The Times of India. Archived from the original on 24 July 2009. Retrieved 8 October 2008.
  3. ^ Dan Goodin (7 October 2008). "Net game turns PC into undercover surveillance zombie". The Register. Retrieved 8 October 2008.
  4. ^ Fredrick Lane (8 October 2008). "Web Surfers Face Dangerous New Threat: 'Clickjacking'". newsfactor.com. Archived from the original on 13 October 2008. Retrieved 8 October 2008.
  5. ^ Shahriar, Hossain; Devendran, Vamshee Krishna (4 July 2014). "Classification of Clickjacking Attacks and Detection Techniques". Information Security Journal: A Global Perspective. 23 (4–6): 137–147. doi:10.1080/19393555.2014.931489. ISSN 1939-3555. S2CID 43912852.
  6. ^ The Confused Deputy rides again!, Tyler Close, October 2008