{"id":3224,"date":"2021-09-21T12:26:13","date_gmt":"2021-09-21T12:26:13","guid":{"rendered":"https:\/\/www.xparksystems.ae\/blog\/?p=3224"},"modified":"2024-02-22T13:48:32","modified_gmt":"2024-02-22T09:48:32","slug":"clickjacking-classification-origin-prevention-techniques","status":"publish","type":"post","link":"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/","title":{"rendered":"Clickjacking: Classification, Origin &#038; Prevention Techniques"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Clickjacking is a malicious hacking technique, also known as a <\/span><i><span style=\"font-weight: 400;\">\u201cUI redress attack\u201d<\/span><\/i><span style=\"font-weight: 400;\"> which prompts a user into clicking something that isn\u2019t what it actually seems or perceived. It can be a redirection link or perhaps a misleading URL which takes users to another application, domain or both.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Such an action from a user also reveals confidential information to the hacker or attacker, allowing them to illegally seize control of the user&#8217;s system. With many different cybercrimes already taking their toll on the web, let\u2019s have a look at clickjacking, its types and prevention methods.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If your business deals with <\/span><a href=\"https:\/\/www.xparksystems.ae\/services\/web-development\/\"><b>web development<\/b><\/a> <span style=\"font-weight: 400;\">for instance, the details below will surely help you out!<\/span><\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_53 counter-hierarchy ez-toc-counter ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title \" >Key Takeaways<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\" role=\"button\"><label for=\"item-664e517649f70\" ><span class=\"\"><span style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #555555;color:#555555\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #555555;color:#555555\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input aria-label=\"Toggle\" aria-label=\"item-664e517649f70\"  type=\"checkbox\" id=\"item-664e517649f70\"><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#classification-of-clickjacking\" title=\"Classification of Clickjacking\">Classification of Clickjacking<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#clickjacking-common-examples\" title=\"Clickjacking Common Examples\">Clickjacking Common Examples<\/a><ul class='ez-toc-list-level-3'><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#prevention-mitigation-techniques\" title=\"Prevention &amp; Mitigation Techniques\">Prevention &amp; Mitigation Techniques<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#check-website%e2%80%99s-vulnerability-with-clickjacking-test\" title=\"Check Website\u2019s Vulnerability with Clickjacking Test\">Check Website\u2019s Vulnerability with Clickjacking Test<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"classification-of-clickjacking\"><\/span><b>Classification of Clickjacking<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Listed below are common types of clickjacking and how they attack:<\/span><\/p>\n<ul>\n<li aria-level=\"1\"><b><i>Classic:<\/i><\/b><span style=\"font-weight: 400;\"> It mostly works via common web browser<\/span><\/li>\n<li aria-level=\"1\"><b><i>Likejacking:<\/i><\/b><span style=\"font-weight: 400;\"> It camouflages various Facebook platform capabilities to trick users<\/span><\/li>\n<li aria-level=\"1\"><b><i>Nested:<\/i><\/b><span style=\"font-weight: 400;\"> It\u2019s designed specifically to affect <\/span><i><span style=\"font-weight: 400;\">Google+<\/span><\/i><\/li>\n<li aria-level=\"1\"><b><i>Cursorjacking:<\/i><\/b><span style=\"font-weight: 400;\"> It manipulates the appearance and location of the cursor on the computer or when browsing online.<\/span><\/li>\n<li aria-level=\"1\"><b><i>MouseJacking:<\/i><\/b><span style=\"font-weight: 400;\"> It takes illegal control or is injected to the keyboard and\/or mouse through a remote RF link.<\/span><\/li>\n<li aria-level=\"1\"><b><i>Browserless:<\/i><\/b><span style=\"font-weight: 400;\"> As the name says, it works without using a browser<\/span><\/li>\n<li aria-level=\"1\"><b><i>Cookiejacking:<\/i><\/b><span style=\"font-weight: 400;\"> It works by acquiring cookies and cookie data from various browsers<\/span><\/li>\n<li aria-level=\"1\"><b><i>Filejacking:<\/i><\/b><span style=\"font-weight: 400;\"> It further sets up or turns the affected device into a file server<\/span><\/li>\n<li aria-level=\"1\"><b><i>Password Manager Attack:<\/i><\/b><span style=\"font-weight: 400;\"> A types of clickjacking that targets vulnerability in the browsers\u2019 autofill capability<\/span><\/li>\n<\/ul>\n<p><img class=\"aligncenter wp-image-3230 size-full\" src=\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-prevention.jpg\" alt=\"Clickjacking-prevention\" width=\"1000\" height=\"709\" srcset=\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-prevention.jpg 1000w, https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-prevention-300x213.jpg 300w, https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-prevention-768x545.jpg 768w, https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-prevention-624x442.jpg 624w\" sizes=\"(max-width: 1000px) 100vw, 1000px\" \/><\/p>\n<p><strong>History &amp; Origin<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">Back in 2002, it was discovered that loading a transparent layer on a webpage triggers or impacted by the user&#8217;s input unwillingly or noticing. Such a thing was ignored back then until 2008 when <\/span><i><span style=\"font-weight: 400;\">Robert Hansen <\/span><\/i><span style=\"font-weight: 400;\">and <\/span><i><span style=\"font-weight: 400;\">Jeremiah Grossman <\/span><\/i><span style=\"font-weight: 400;\">found out that <\/span><i><span style=\"font-weight: 400;\">Adobe Flash Player <\/span><\/i><span style=\"font-weight: 400;\">was vulnerable to clickjacking that allows an attacker to illegally gain access to a user\u2019s system without letting them know.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The term <\/span><i><span style=\"font-weight: 400;\">\u201c<\/span><\/i><i><span style=\"font-weight: 400;\"><a href=\"https:\/\/en.wikipedia.org\/wiki\/Clickjacking\" rel=\"nofollow\">clickjacking,<\/a><\/span><\/i><i><span style=\"font-weight: 400;\">\u201d <\/span><\/i><span style=\"font-weight: 400;\">was then coined by both the originators who identified the malware. More attacks of similar nature surfaced which further modernized the term into <\/span><i><span style=\"font-weight: 400;\">\u201cUI redressing\u201d<\/span><\/i><span style=\"font-weight: 400;\"> which also classified the attack into many different categories based on the way it tricks users and attacks.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"clickjacking-common-examples\"><\/span><b>Clickjacking Common Examples<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><b><i>Money Transfer Fraud<\/i><\/b><\/p>\n<p><span style=\"font-weight: 400;\">In this particular type of UI redress attack, hackers trick users into clicking a link to a malicious page which transfers money from the bank account. Provided below is a brief to how it actually works:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The user is presented with a harmless website or a page link that can even be loaded from an email link offering something lucrative and irresistible such as a <\/span><i><span style=\"font-weight: 400;\">free gift, a vacation deal <\/span><\/i><span style=\"font-weight: 400;\">and so on. In real, these are actually funds transfer confirmation link(s) disguised under a web application layer hence it\u2019s also known as <\/span><i><span style=\"font-weight: 400;\">\u201cUI redress\u201d<\/span><\/i><span style=\"font-weight: 400;\">. While the money transfer takes place, users are further redirected to more free gifts or likewise page links or simply make them share more confidential information.<\/span><\/p>\n<p><b><i>Webcam &amp; Microphone Activation<\/i><\/b><\/p>\n<p><span style=\"font-weight: 400;\">This particular type of clickjacking attack is triggered by invisibly loading <\/span><i><span style=\"font-weight: 400;\">Adobe Flash Player<\/span><\/i><span style=\"font-weight: 400;\"> settings of a user\u2019s system on another link. On clicking, the plug-in settings give attackers illegal access to the microphone and webcam of a user.<\/span><\/p>\n<p><img class=\"aligncenter size-full wp-image-3229\" src=\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-attack-scaled.jpg\" alt=\"Clickjacking-attack\" width=\"2560\" height=\"1707\" srcset=\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-attack-scaled.jpg 2560w, https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-attack-300x200.jpg 300w, https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-attack-1024x683.jpg 1024w, https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-attack-768x512.jpg 768w, https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-attack-1536x1024.jpg 1536w, https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-attack-2048x1365.jpg 2048w, https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-attack-624x416.jpg 624w\" sizes=\"(max-width: 2560px) 100vw, 2560px\" \/><\/p>\n<h3><span class=\"ez-toc-section\" id=\"prevention-mitigation-techniques\"><\/span><span style=\"font-weight: 400;\">Prevention &amp; Mitigation Techniques<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">There are two layers of prevention from clickjacking attacks. These are subdivided into various types. Provided below are relevant details:<\/span><\/p>\n<h4><strong>1- Client-Side<\/strong><\/h4>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">NoScript<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">A <\/span><i><span style=\"font-weight: 400;\">NoScript <\/span><\/i><span style=\"font-weight: 400;\">add-on with <\/span><i><span style=\"font-weight: 400;\">ClearClick <\/span><\/i><span style=\"font-weight: 400;\">feature can be added to the desktop and mobile browser version of <\/span><i><span style=\"font-weight: 400;\">Mozilla Firefox<\/span><\/i><span style=\"font-weight: 400;\"> which prevents users from clicking redressed page elements.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">NoClickjack<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">This particular browser extension offers client-side protection for users of <\/span><i><span style=\"font-weight: 400;\">Microsoft Edge, Firefox, Google Chrome <\/span><\/i><span style=\"font-weight: 400;\">and <\/span><i><span style=\"font-weight: 400;\">Opera<\/span><\/i><span style=\"font-weight: 400;\"> without interrupting the <\/span><i><span style=\"font-weight: 400;\">iFrames <\/span><\/i><span style=\"font-weight: 400;\">operations.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">GuardedID<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">It\u2019s a commercial product to add client-side protection for <\/span><i><span style=\"font-weight: 400;\">Internet Explorer <\/span><\/i><span style=\"font-weight: 400;\">users. It comes with an add-on feature of <\/span><i><span style=\"font-weight: 400;\">NoClickjack <\/span><\/i><span style=\"font-weight: 400;\">that multiplies the security to <\/span><i><span style=\"font-weight: 400;\">Google Chrome, Mozilla Firefox, Opera <\/span><\/i><span style=\"font-weight: 400;\">and <\/span><i><span style=\"font-weight: 400;\">Microsoft Edge <\/span><\/i><span style=\"font-weight: 400;\">browsers.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">Gazelle<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">A research project helmed by <\/span><i><span style=\"font-weight: 400;\">Microsoft<\/span><\/i><span style=\"font-weight: 400;\">; <\/span><i><span style=\"font-weight: 400;\">Gazelle <\/span><\/i><span style=\"font-weight: 400;\">is to secure users of <\/span><i><span style=\"font-weight: 400;\">Internet Explorer <\/span><\/i><span style=\"font-weight: 400;\">from clickjacking.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">Intersection Observer V2<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">The concept of tracking <\/span><i><span style=\"font-weight: 400;\">\u201cvisibility\u201d<\/span><\/i><span style=\"font-weight: 400;\"> just as a human would perceive allows all redressed or camouflaged links to appear in their default form thus preventing users from falling victim to the trick.<\/span><\/p>\n<h4><strong>2- Server-Side<\/strong><\/h4>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">Framekiller<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Website owners can protect users against frame-based clickjacking through introducing a <\/span><i><span style=\"font-weight: 400;\">framekiller<\/span><\/i><span style=\"font-weight: 400;\"> which prevents unwanted <\/span><i><span style=\"font-weight: 400;\">JavaScript <\/span><\/i><span style=\"font-weight: 400;\">snippets from loading on the pages that, on happening can trigger clickjacking.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">X-Frame-Options<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Back in 2009, the coming of <\/span><i><span style=\"font-weight: 400;\">Internet Explorer 8 <\/span><\/i><span style=\"font-weight: 400;\">offered a new <\/span><i><span style=\"font-weight: 400;\">HTTP <\/span><\/i><span style=\"font-weight: 400;\">header <\/span><i><span style=\"font-weight: 400;\">X-Frame-Options <\/span><\/i><span style=\"font-weight: 400;\">that partially protected users against clickjacking and was eventually adopted by other browsers like <\/span><i><span style=\"font-weight: 400;\">Safari, Google Chrome, Firefox <\/span><\/i><span style=\"font-weight: 400;\">and <\/span><i><span style=\"font-weight: 400;\">Opera<\/span><\/i><span style=\"font-weight: 400;\">. On activation, framing from only particular websites was allowed which prevented clickjacking attacks. In 2013, the <\/span><i><span style=\"font-weight: 400;\">X-Frame-Options <\/span><\/i><span style=\"font-weight: 400;\">header was officially released however not as per the Internet standards, offering only valuable information.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">Content Security Policy<\/span><\/i><\/li>\n<\/ul>\n<p><i><span style=\"font-weight: 400;\">Content Security Policy <\/span><\/i><span style=\"font-weight: 400;\">version 1.1 enables users to allow or disallow content embedding through <\/span><i><span style=\"font-weight: 400;\">frame-ancestors <\/span><\/i><span style=\"font-weight: 400;\">which protects potentially hostile pages from attacking. The <\/span><i><span style=\"font-weight: 400;\">frame-ancestors <\/span><\/i><span style=\"font-weight: 400;\">policy must be preferred by browsers to prevent clickjacking attacks; however, there\u2019re still some popular browsers that deny the content policy.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"check-website%e2%80%99s-vulnerability-with-clickjacking-test\"><\/span><span style=\"font-weight: 400;\">Check Website\u2019s Vulnerability with Clickjacking Test<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">You can even check a website\u2019s vulnerability to clickjacking by creating an HTML page and add a sensitive page from the existing website in an <\/span><i><span style=\"font-weight: 400;\">iFrame<\/span><\/i><span style=\"font-weight: 400;\">. Do note that execution of the test code must be done on another web server.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Make sure your website is protected from all sorts of clickjacking and other such attacks for better customer experience.<\/span><\/p>\n<div class=\"wp-socializer wpsr-share-icons \" data-lg-action=\"show\" data-sm-action=\"show\" data-sm-width=\"768\" ><h3>Share and Enjoy !<\/h3><div class=\"wpsr-si-inner\"><div class=\"wpsr-counter wpsrc-sz-32px\" style=\"color:#000\"><span class=\"scount\"><span data-wpsrs=\"\" data-wpsrs-svcs=\"facebook,twitter,linkedin,reddit,pinterest,print,pdf\">0<\/span><\/span><small class=\"stext\">Shares<\/small><\/div><div class=\"socializer sr-popup sr-32px sr-circle sr-opacity sr-pad sr-count-1 sr-count-1\"><span class=\"sr-facebook\"><a rel=\"nofollow\" href=\"https:\/\/www.facebook.com\/share.php?u=\" target=\"_blank\"  title=\"Share this on Facebook\"  style=\"color: #ffffff\" ><i class=\"fab fa-facebook-f\"><\/i><span class=\"ctext\"><span data-wpsrs=\"\" data-wpsrs-svcs=\"facebook\">0<\/span><\/span><\/a><\/span>\n<span class=\"sr-twitter\"><a rel=\"nofollow\" href=\"https:\/\/twitter.com\/intent\/tweet?text=%20-%20%20\" target=\"_blank\"  title=\"Tweet this !\"  style=\"color: #ffffff\" ><i class=\"fab fa-twitter\"><\/i><\/a><\/span>\n<span class=\"sr-linkedin\"><a rel=\"nofollow\" href=\"https:\/\/www.linkedin.com\/sharing\/share-offsite\/?url=\" target=\"_blank\"  title=\"Add this to LinkedIn\"  style=\"color: #ffffff\" ><i class=\"fab fa-linkedin-in\"><\/i><\/a><\/span>\n<span class=\"sr-reddit\"><a rel=\"nofollow\" href=\"https:\/\/reddit.com\/submit?url=&amp;title=\" target=\"_blank\"  title=\"Submit this to Reddit\"  style=\"color: #ffffff\" ><i class=\"fab fa-reddit-alien\"><\/i><\/a><\/span>\n<span class=\"sr-pinterest\"><a rel=\"nofollow\" href=\"https:\/\/www.pinterest.com\/pin\/create\/button\/?url=&amp;media=&amp;description=\" target=\"_blank\"  title=\"Submit this to Pinterest\"  style=\"color: #ffffff\" data-pin-custom=\"true\"><i class=\"fab fa-pinterest\"><\/i><span class=\"ctext\"><span data-wpsrs=\"\" data-wpsrs-svcs=\"pinterest\">0<\/span><\/span><\/a><\/span>\n<span class=\"sr-print\"><a rel=\"nofollow\" href=\"https:\/\/www.printfriendly.com\/print?url=\" target=\"_blank\"  title=\"Print this article \"  style=\"color: #ffffff\" ><i class=\"fa fa-print\"><\/i><\/a><\/span>\n<span class=\"sr-pdf\"><a rel=\"nofollow\" href=\"https:\/\/www.printfriendly.com\/print?url=\" target=\"_blank\"  title=\"Convert to PDF\"  style=\"color: #ffffff\" ><i class=\"fa fa-file-pdf\"><\/i><\/a><\/span><\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>Clickjacking is a malicious hacking technique, also known as a \u201cUI redress attack\u201d which prompts a user into clicking something that isn\u2019t what it actually seems or perceived. It can be a redirection link or perhaps a misleading URL which takes users to another application, domain or both.\u00a0 Such an action from a user also [&hellip;]<\/p>\n","protected":false},"author":18,"featured_media":3227,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[70],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v16.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Clickjacking: Classification, Origin, Clickjacking Attacks, Prevention | Digital Gravity<\/title>\n<meta name=\"description\" content=\"Clickjacking can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Clickjacking: Classification, Origin, Clickjacking Attacks, Prevention | Digital Gravity\" \/>\n<meta property=\"og:description\" content=\"Clickjacking can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/\" \/>\n<meta property=\"og:site_name\" content=\"Digital Gravity\" \/>\n<meta property=\"article:published_time\" content=\"2021-09-21T12:26:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-02-22T09:48:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-Classification-attack-prevention-2021-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"548\" \/>\n\t<meta property=\"og:image:height\" content=\"250\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/#organization\",\"name\":\"Digital Gravity\",\"url\":\"https:\/\/www.xparksystems.ae\/blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2019\/12\/linkedin-dp.jpg\",\"contentUrl\":\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2019\/12\/linkedin-dp.jpg\",\"width\":300,\"height\":300,\"caption\":\"Digital Gravity\"},\"image\":{\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/#website\",\"url\":\"https:\/\/www.xparksystems.ae\/blog\/\",\"name\":\"Digital Gravity\",\"description\":\"Web Design Blog\",\"publisher\":{\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/www.xparksystems.ae\/blog\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-Classification-attack-prevention-2021-1.jpg\",\"contentUrl\":\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-Classification-attack-prevention-2021-1.jpg\",\"width\":548,\"height\":250,\"caption\":\"Clickjacking-Classification-attack-prevention-2021\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#webpage\",\"url\":\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/\",\"name\":\"Clickjacking: Classification, Origin, Clickjacking Attacks, Prevention | Digital Gravity\",\"isPartOf\":{\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#primaryimage\"},\"datePublished\":\"2021-09-21T12:26:13+00:00\",\"dateModified\":\"2024-02-22T09:48:32+00:00\",\"description\":\"Clickjacking can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/\",\"url\":\"https:\/\/www.xparksystems.ae\/blog\/\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"position\":2,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/category\/web\/\",\"url\":\"https:\/\/www.xparksystems.ae\/blog\/category\/web\/\",\"name\":\"Web Development\"}},{\"@type\":\"ListItem\",\"position\":3,\"item\":{\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#webpage\"}}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/#\/schema\/person\/9abfe8dec97e7eccd4b026f6a469457d\"},\"headline\":\"Clickjacking: Classification, Origin &#038; Prevention Techniques\",\"datePublished\":\"2021-09-21T12:26:13+00:00\",\"dateModified\":\"2024-02-22T09:48:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#webpage\"},\"wordCount\":910,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-Classification-attack-prevention-2021-1.jpg\",\"articleSection\":[\"Web Development\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.xparksystems.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/#\/schema\/person\/9abfe8dec97e7eccd4b026f6a469457d\",\"name\":\"Team DG\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.xparksystems.ae\/blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/07\/dg.jpg\",\"contentUrl\":\"https:\/\/www.xparksystems.ae\/blog\/wp-content\/uploads\/2021\/07\/dg.jpg\",\"caption\":\"Team DG\"},\"description\":\"Team DG consists of passionate writers, SEOs, designers, paid marketing specialists, and creative strategists. As a team, we work together to lift businesses and brands from ground-up and push them to new heights. Every new challenge helps us to expand our horizon of knowledge and gain valuable experiences. Team DG leverages those experiences to create result-driven marketing campaigns for brands and help them reach their ambitious goals.\",\"sameAs\":[\"https:\/\/www.xparksystems.ae\/\"],\"url\":\"https:\/\/www.xparksystems.ae\/blog\/author\/teamdg\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/www.xparksystems.ae\/blog\/wp-json\/wp\/v2\/posts\/3224"}],"collection":[{"href":"https:\/\/www.xparksystems.ae\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.xparksystems.ae\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.xparksystems.ae\/blog\/wp-json\/wp\/v2\/users\/18"}],"replies":[{"embeddable":true,"href":"https:\/\/www.xparksystems.ae\/blog\/wp-json\/wp\/v2\/comments?post=3224"}],"version-history":[{"count":7,"href":"https:\/\/www.xparksystems.ae\/blog\/wp-json\/wp\/v2\/posts\/3224\/revisions"}],"predecessor-version":[{"id":5813,"href":"https:\/\/www.xparksystems.ae\/blog\/wp-json\/wp\/v2\/posts\/3224\/revisions\/5813"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.xparksystems.ae\/blog\/wp-json\/wp\/v2\/media\/3227"}],"wp:attachment":[{"href":"https:\/\/www.xparksystems.ae\/blog\/wp-json\/wp\/v2\/media?parent=3224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.xparksystems.ae\/blog\/wp-json\/wp\/v2\/categories?post=3224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.xparksystems.ae\/blog\/wp-json\/wp\/v2\/tags?post=3224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}