Prevent Clickjacking Attacks

 

The scary thing about a clickjacking attack is there isn't any foolproof way of detecting when it is happening to you. Through clever hackery, some dastardly villain somewhere will show you a website that looks harmless, but they can use it to steal your clicks, making you do something drastically different than what you think you're doing.
Clickjacking, put simply, is when a button, image, video, or some form of embedded content on a website is overlaid by an invisible layer that sits on top of the site underneath it.
For instance, you may see a page with a movie embedded on it. You want to watch the movie, so you click on the play button. You don't think twice about it -- you've done it a million times. Meanwhile, a hacker has superimposed an invisible web page over the movie. It just so happens that a button allowing access to your camera and microphone has been placed over the movie's play button. Now, when you think you're playing the movie, you're actually permitting the hacker to access your video camera and microphone.
That invisible layer sitting on top of the page has intercepted and highjacked your mouse click.
There are a few steps you can take to ensure clickjacking is stopped at the source. Let's get cracking.