The definition of clickjacking
According to several sources, clickjacking is a way of tricking web users into clicking on hidden buttons in order to take control of their computer or to get them to reveal personal information.
How does clickjacking work?
The method is more than simple. The attacker generates a web page full of “credible” buttons that actually don’t do anything. Why? Because on top of this page there is another layer that is transparent and covers all the other buttons. This transparent layer contains another button that is invisible to the user. So, when the user clicks on a visible button, he actually clicks on the transparent layer, and the button in that layer performs a different (obviously malicious) action from the one the user thinks he is performing.
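The layering described above can be checked for mechanically. The following is an added example, not part of the original article: it flags click points where an invisible layer sits on top of a button the user can see. The element records, the opacity threshold and the function names are assumptions made for illustration, and real browser stacking rules are more involved than a single z-index.

```javascript
// Added example. Elements are simplified records (constructed sample data),
// not real DOM nodes: { id, rect: {left, top, width, height}, zIndex, opacity }.
const OPACITY_THRESHOLD = 0.1; // assumption: below this a layer counts as invisible

function contains(rect, x, y) {
  return x >= rect.left && x < rect.left + rect.width &&
         y >= rect.top && y < rect.top + rect.height;
}

// Elements under the point, topmost first. A higher zIndex wins; on a tie the
// element that comes later in the list is painted on top.
function stackAt(elements, x, y) {
  return elements
    .map((el, order) => ({ el, order }))
    .filter(({ el }) => contains(el.rect, x, y))
    .sort((a, b) => (b.el.zIndex - a.el.zIndex) || (b.order - a.order))
    .map(({ el }) => el);
}

// Returns a finding when the element that receives the click is invisible
// while the user sees a different, visible element underneath it.
function checkClick(elements, x, y) {
  const stack = stackAt(elements, x, y);
  if (stack.length < 2) return null;
  const [top, ...below] = stack;
  if (top.opacity >= OPACITY_THRESHOLD) return null; // the user can see what is clicked
  const seen = below.find(el => el.opacity >= OPACITY_THRESHOLD);
  return seen ? { receivesClick: top.id, userSees: seen.id } : null;
}

// Checks the centre of every visible element on the page.
function scanPage(elements) {
  return elements
    .filter(el => el.opacity >= OPACITY_THRESHOLD)
    .map(el => checkClick(elements,
      el.rect.left + el.rect.width / 2, el.rect.top + el.rect.height / 2))
    .filter(Boolean);
}

// Constructed page: a visible dummy "Like" button covered by a transparent layer.
const samplePage = [
  { id: 'fake-like-button', rect: { left: 100, top: 100, width: 80, height: 30 }, zIndex: 1, opacity: 1 },
  { id: 'hidden-layer', rect: { left: 0, top: 0, width: 800, height: 600 }, zIndex: 10, opacity: 0 },
  { id: 'plain-button', rect: { left: 900, top: 100, width: 80, height: 30 }, zIndex: 1, opacity: 1 },
];

console.log(scanPage(samplePage));
```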
Facebook and Clickjacking
As one of the largest social networks, Facebook is a great place for this sort of attack. Users are easily tricked when they see a Facebook look-alike page containing the well-known “Like” or “Allow application” buttons. These buttons are dummies, of course, and when the user clicks on them, they actually do something else, not liking or allowing.
How can you protect against clickjacking?
If you were unable to see the link because you clicked too fast, or just didn’t pay enough attention, it is not too late. In the newly opened window, tab or browser, check the URL. If it is not from facebook.com, just close it.
Another way of protecting against clickjacking is to use a “script blocker” application or add-on. This can save you, but it is not always safe. What is more, it also blocks clean scripts (like Google Ads, Flash videos, and so on). Various websites recommend NoScript for protection.
What happens when I click on clickjacking links?
You never know. Every clickjacking threat can be different. But most of them just post a malicious link on your profile so that it becomes visible to your Facebook friends. They will possibly click on the link posted on your profile and get infected. Some of them can steal information from your account.
What happens if I get infected?
The first thing to do is to delete all the posts on your wall that were auto-published by the malicious script. After that, you urgently have to run a full computer scan. I know, it takes a long time, but you have to do this in order to be sure that no malicious application was installed on your computer.
Also, if you see malicious posts on your friend’s profile, notify them about the problem.
Finally, watch the next movie about how clickjacking attacks work. Please pay attention until the end of the video. You could make your computer safer.



