Glossary
Clickjacking

Clickjacking

Clickjacking is a malicious attack in which a bad actor creates a transparent or opaque layer over a legitimate website to deceive visitors into clicking hidden buttons or links. Visitors inadvertently trigger a concealed action by clicking or tapping on what appears to be a benign button or link, potentially leading to compromised user accounts, stolen sensitive information, or malware installation on their devices. 

To prevent clickjacking, you can implement security measures like frame-busting code and the X-Frame-Options header, which effectively keep webpages from being displayed or rendered within an iframe. Additionally, employing JavaScript techniques such as the "sandbox" attribute or "Content Security Policy'' restricts the execution of untrusted code and prevents the unauthorized framing of content. 

User awareness and education also play a vital role in avoiding clickjacking attacks. Visitors should exercise caution when clicking links or buttons that seem unusual or are not in their expected location on a webpage. Preventing clickjacking attacks requires keeping software and web browsers up to date.

Other glossary terms