(From TechRepublic – 10/19/2008) – “Clickjacking – Potentially harmful web browser exploit – Clickjacking has the potential to redirect unknowing users to malicious Web sites or even spy on them. We all need to be aware of clickjacking and how to avoid its trappings.”
I am encouraging my “techie friends” to read the TechRepublic blog post about clickjacking and to learn more by “Googling Clickjacking”. There is a whole lot of buzz and concern about this potential problem, which ultimately could call for a complete redesign in all browsers. If this exploit takes off, there is no effective solution known at this time. In a nutshell, what you think you are clicking on in a web page may in fact be malicious code that is transparent to the naked eye and that carries out a malicious operation without your knowledge (e.g. stealing an account number, or turning “on” your web camera or microphone).
What is clickjacking? (From Wikipedia) – Clickjacking is a malicious technique of tricking web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. A vulnerability across a variety of browsers and platforms, a clickjacking takes the form of embedded code or script that can execute without the user’s knowledge, such as clicking on a button that appears to perform another function.