Protecting Yourself From Clickjacking

by on Jun 13, 2009 | 2 comments

Clickjacking is one of newer online threats. If you are not familiar with it, here is an excerpt on what it is:

Clickjacking is a malicious technique of tricking web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. A vulnerability across a variety of browsers and platforms, a clickjacking takes the form of embedded code or script that can execute without the user’s knowledge, such as clicking on a button that appears to perform another function.

This is threat regardless of what browser you are using. Thankfully, Firefox users can protect themselves from this threat with NoScript. The linked article contains an email from the author of NoScript which explains the settings to use to protect yourself.

Basically, using NoScript with user specified trusted site protection (default configuration) protects you against most all scenario’s, but for complete protection you would need to disable all IFRAME’s. Disabling the IFRAMES, however may cause certain sites to completely stop working.

IE8 users can heed the following advice:

End-users can mitigate the impact of CSRF attacks by logging out of sensitive websites when not in use, and by browsing in independent InPrivate Browsing sessions. (InPrivate sessions start with an empty cookie jar, so cached cookies cannot be replayed in CSRF attacks.)

Free eBook!

Like what you read?

If so, please join over 28,000 people who receive our exclusive weekly newsletter and computer tips, and get FREE COPIES of 5 eBooks we created, as our gift to you for subscribing. Just enter your name and email below:

Post A Comment Using Facebook

  • John Kirkham

    “Clickjacking is one of newer online threats” It isn’t ‘one of the newer’ threats. Was in fact one of the first methods to dupe net user’s in the mid nineties.

  • Ghost|BOFH

    Not to mention of course…

    That with Linux, you don’t have to worry about such things, unless they’re clever enough to set it up for a *nix operating system…and of course you run a browser as root…and it can effect Firefox and/or Opera…or Galleon…or…

What’s Your Preference?

Daily Alerts

Each day we send out a quick email to thousands of PCMECH readers to notify them of new posts. This email is just a short, plain email with titles and links to our latest posts. You can unsubscribe from this service at any time.

You can subscribe to it by leaving your email address in the following field and confirming your subscription when you get an email asking you to do so.

Enter your email address for
Daily Updates:

Weekly Newsletter

Running for over 6 years, the PCMECH weekly newsletter helps you keep tabs on the world of tech. Each issue includes news bits, an article, an exclusive rant as well as a download of the week. This newsletter is subscribed to by over 28,000 readers (many who also subscribe to the other option) - come join the community!

To subscribe to this weekly newsletter simply add your email address to the following field and then follow the confirmation prompts. You will be able to unsubscribe at any time.

Enter your email address for
Free Weekly Newsletter: