How Do I Avoid A Click Jacking Attack Whilst Surfing The Internet?

hidden DIVs and click jacking

I have always tried to emphasize how sneaky hackers can be when they are running attacks on unsuspecting Internet users.

There are several underhanded ways that hackers can get malicious files on your desktop but none are more sneaky than using a click jack attack.

This attack can severely ruin your internet experience since you are unknowingly given a third party piece of malicious software the permission to do whatever it likes on your computer.

I will explain more about click jacking and how you can avoid becoming a victim later on in the article.

hidden DIVs and click jacking

Hidden DIVs

When a security professional uses the term click jacking they are talking about the use of a hidden DIV on a web page, that tricks the user into allowing a piece of code to execute.

A DIV is a piece of mark up code in the web page that functions as a container that will hold other elements of a web page.

A DIV has elements that will hide the true button over a seemingly normal button or image on a web  page.

You believe that you are clicking the normal button but in actuality there is another button in front of it but it is invisible.

This attack is very effective since a hacker can sneak the code on a trusted web site and make everything look like it is normal.

The person who runs the site will see the same thing that they usually see and will not know until they start to receive complaints that anything is wrong.

This attack has been around for several years at this point but in the last two years has become increasingly popular.

The basic browsers that are available today are very susceptible to these kinds of attacks.

Fortunately Firefox allows you to place plugins into your browser that will prevent attacks such as these from occurring.

Internet Explorer 8 has partial protection against these attacks but most people still use Internet Explorer 7 and earlier versions which are very much at risk.

Firefox And No Script

At this point in time, using Firefox with the combination of the No Script plugin seems to be the best way to be able to protect yourself.

Even that combination is not a hundred percent foolproof but it gets the job done in most cases.

if you are an owner of a web site, every now and then you must do an audit of the code on your site.

If you were not the creator of your site then have someone else who knows what they are doing perform the process.

This is the only way that you will be able to stay ahead of the game when it comes to protecting your web site.

If you are just a web surfer, you should be aware that such attacks do exist and rely on the right tools to help protect yourself.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Trackbacks

  1. […] of the people who might be vulnerable.The one attack that does not seem to be going away is the click jacking attack.This attack is still rearing its ugly head and for many reasons.I will take the time and show you […]

  2. […] Black hat hackers have taken this idea and made it part of a click jacking attack. […]

  3. […] – What Do I Need To Know?Have You Heard Of The New Hack Attack Called Chat In The Middle?How Do I Avoid A Click Jacking Attack Whilst Surfing The Internet?Outlook Spam Filter With Bayesian Filtering TechnologyHow Can Applications With Geo Locator […]

Speak Your Mind

*