{"id":3224,"date":"2021-09-21T12:26:13","date_gmt":"2021-09-21T12:26:13","guid":{"rendered":"https:\/\/dguaenew.demoz.agency\/blog\/\/?p=3224"},"modified":"2024-12-06T17:11:23","modified_gmt":"2024-12-06T13:11:23","slug":"clickjacking-classification-origin-prevention-techniques","status":"publish","type":"post","link":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/","title":{"rendered":"Clickjacking: Classification, Origin &#038; Prevention Techniques"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Clickjacking is a malicious hacking technique, also known as a <\/span><i><span style=\"font-weight: 400;\">\u201cUI redress attack\u201d<\/span><\/i><span style=\"font-weight: 400;\"> which prompts a user into clicking something that isn\u2019t what it actually seems or perceived. It can be a redirection link or perhaps a misleading URL which takes users to another application, domain or both.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Such an action from a user also reveals confidential information to the hacker or attacker, allowing them to illegally seize control of the user&#8217;s system. With many different cybercrimes already taking their toll on the web, let\u2019s have a look at clickjacking, its types and prevention methods.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If your business deals with <\/span><a href=\"https:\/\/www.digitalgravity.ae\/services\/web-development\/\"><b>web development<\/b><\/a> <span style=\"font-weight: 400;\">for instance, the details below will surely help you out!<\/span><\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Key Takeaways<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #555555;color:#555555\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #555555;color:#555555\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"#\" data-href=\"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#classification-of-clickjacking\" >Classification of Clickjacking<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"#\" data-href=\"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#clickjacking-common-examples\" >Clickjacking Common Examples<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"#\" data-href=\"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#prevention-mitigation-techniques\" >Prevention &amp; Mitigation Techniques<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"#\" data-href=\"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#check-websites-vulnerability-with-clickjacking-test\" >Check Website\u2019s Vulnerability with Clickjacking Test<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"classification-of-clickjacking\"><\/span><b>Classification of Clickjacking<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Listed below are common types of clickjacking and how they attack:<\/span><\/p>\n<ul>\n<li aria-level=\"1\"><b><i>Classic:<\/i><\/b><span style=\"font-weight: 400;\"> It mostly works via common web browser<\/span><\/li>\n<li aria-level=\"1\"><b><i>Likejacking:<\/i><\/b><span style=\"font-weight: 400;\"> It camouflages various Facebook platform capabilities to trick users<\/span><\/li>\n<li aria-level=\"1\"><b><i>Nested:<\/i><\/b><span style=\"font-weight: 400;\"> It\u2019s designed specifically to affect <\/span><i><span style=\"font-weight: 400;\">Google+<\/span><\/i><\/li>\n<li aria-level=\"1\"><b><i>Cursorjacking:<\/i><\/b><span style=\"font-weight: 400;\"> It manipulates the appearance and location of the cursor on the computer or when browsing online.<\/span><\/li>\n<li aria-level=\"1\"><b><i>MouseJacking:<\/i><\/b><span style=\"font-weight: 400;\"> It takes illegal control or is injected to the keyboard and\/or mouse through a remote RF link.<\/span><\/li>\n<li aria-level=\"1\"><b><i>Browserless:<\/i><\/b><span style=\"font-weight: 400;\"> As the name says, it works without using a browser<\/span><\/li>\n<li aria-level=\"1\"><b><i>Cookiejacking:<\/i><\/b><span style=\"font-weight: 400;\"> It works by acquiring cookies and cookie data from various browsers<\/span><\/li>\n<li aria-level=\"1\"><b><i>Filejacking:<\/i><\/b><span style=\"font-weight: 400;\"> It further sets up or turns the affected device into a file server<\/span><\/li>\n<li aria-level=\"1\"><b><i>Password Manager Attack:<\/i><\/b><span style=\"font-weight: 400;\"> A types of clickjacking that targets vulnerability in the browsers\u2019 autofill capability<\/span><\/li>\n<\/ul>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-3230 size-full\" src=\"https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-prevention.jpg\" alt=\"Clickjacking-prevention\" width=\"1000\" height=\"709\" srcset=\"https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-prevention.jpg 1000w, https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-prevention-300x213.jpg 300w, https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-prevention-768x545.jpg 768w, https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-prevention-624x442.jpg 624w\" sizes=\"(max-width: 1000px) 100vw, 1000px\" \/><\/p>\n<p><strong>History &amp; Origin<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">Back in 2002, it was discovered that loading a transparent layer on a webpage triggers or impacted by the user&#8217;s input unwillingly or noticing. Such a thing was ignored back then until 2008 when <\/span><i><span style=\"font-weight: 400;\">Robert Hansen <\/span><\/i><span style=\"font-weight: 400;\">and <\/span><i><span style=\"font-weight: 400;\">Jeremiah Grossman <\/span><\/i><span style=\"font-weight: 400;\">found out that <\/span><i><span style=\"font-weight: 400;\">Adobe Flash Player <\/span><\/i><span style=\"font-weight: 400;\">was vulnerable to clickjacking that allows an attacker to illegally gain access to a user\u2019s system without letting them know.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The term <\/span><i><span style=\"font-weight: 400;\">\u201c<\/span><\/i><i><span style=\"font-weight: 400;\"><a href=\"https:\/\/en.wikipedia.org\/wiki\/Clickjacking\" rel=\"nofollow\">clickjacking,<\/a><\/span><\/i><i><span style=\"font-weight: 400;\">\u201d <\/span><\/i><span style=\"font-weight: 400;\">was then coined by both the originators who identified the malware. More attacks of similar nature surfaced which further modernized the term into <\/span><i><span style=\"font-weight: 400;\">\u201cUI redressing\u201d<\/span><\/i><span style=\"font-weight: 400;\"> which also classified the attack into many different categories based on the way it tricks users and attacks.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"clickjacking-common-examples\"><\/span><b>Clickjacking Common Examples<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><b><i>Money Transfer Fraud<\/i><\/b><\/p>\n<p><span style=\"font-weight: 400;\">In this particular type of UI redress attack, hackers trick users into clicking a link to a malicious page which transfers money from the bank account. Provided below is a brief to how it actually works:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The user is presented with a harmless website or a page link that can even be loaded from an email link offering something lucrative and irresistible such as a <\/span><i><span style=\"font-weight: 400;\">free gift, a vacation deal <\/span><\/i><span style=\"font-weight: 400;\">and so on. In real, these are actually funds transfer confirmation link(s) disguised under a web application layer hence it\u2019s also known as <\/span><i><span style=\"font-weight: 400;\">\u201cUI redress\u201d<\/span><\/i><span style=\"font-weight: 400;\">. While the money transfer takes place, users are further redirected to more free gifts or likewise page links or simply make them share more confidential information.<\/span><\/p>\n<p><b><i>Webcam &amp; Microphone Activation<\/i><\/b><\/p>\n<p><span style=\"font-weight: 400;\">This particular type of clickjacking attack is triggered by invisibly loading <\/span><i><span style=\"font-weight: 400;\">Adobe Flash Player<\/span><\/i><span style=\"font-weight: 400;\"> settings of a user\u2019s system on another link. On clicking, the plug-in settings give attackers illegal access to the microphone and webcam of a user.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-3229\" src=\"https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-attack-scaled.jpg\" alt=\"Clickjacking-attack\" width=\"2560\" height=\"1707\" srcset=\"https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-attack-scaled.jpg 2560w, https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-attack-300x200.jpg 300w, https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-attack-1024x683.jpg 1024w, https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-attack-768x512.jpg 768w, https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-attack-1536x1024.jpg 1536w, https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-attack-2048x1365.jpg 2048w, https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-attack-624x416.jpg 624w\" sizes=\"(max-width: 2560px) 100vw, 2560px\" \/><\/p>\n<h3><span class=\"ez-toc-section\" id=\"prevention-mitigation-techniques\"><\/span><span style=\"font-weight: 400;\">Prevention &amp; Mitigation Techniques<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">There are two layers of prevention from clickjacking attacks. These are subdivided into various types. Provided below are relevant details:<\/span><\/p>\n<h4><strong>1- Client-Side<\/strong><\/h4>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">NoScript<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">A <\/span><i><span style=\"font-weight: 400;\">NoScript <\/span><\/i><span style=\"font-weight: 400;\">add-on with <\/span><i><span style=\"font-weight: 400;\">ClearClick <\/span><\/i><span style=\"font-weight: 400;\">feature can be added to the desktop and mobile browser version of <\/span><i><span style=\"font-weight: 400;\">Mozilla Firefox<\/span><\/i><span style=\"font-weight: 400;\"> which prevents users from clicking redressed page elements.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">NoClickjack<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">This particular browser extension offers client-side protection for users of <\/span><i><span style=\"font-weight: 400;\">Microsoft Edge, Firefox, Google Chrome <\/span><\/i><span style=\"font-weight: 400;\">and <\/span><i><span style=\"font-weight: 400;\">Opera<\/span><\/i><span style=\"font-weight: 400;\"> without interrupting the <\/span><i><span style=\"font-weight: 400;\">iFrames <\/span><\/i><span style=\"font-weight: 400;\">operations.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">GuardedID<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">It\u2019s a commercial product to add client-side protection for <\/span><i><span style=\"font-weight: 400;\">Internet Explorer <\/span><\/i><span style=\"font-weight: 400;\">users. It comes with an add-on feature of <\/span><i><span style=\"font-weight: 400;\">NoClickjack <\/span><\/i><span style=\"font-weight: 400;\">that multiplies the security to <\/span><i><span style=\"font-weight: 400;\">Google Chrome, Mozilla Firefox, Opera <\/span><\/i><span style=\"font-weight: 400;\">and <\/span><i><span style=\"font-weight: 400;\">Microsoft Edge <\/span><\/i><span style=\"font-weight: 400;\">browsers.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">Gazelle<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">A research project helmed by <\/span><i><span style=\"font-weight: 400;\">Microsoft<\/span><\/i><span style=\"font-weight: 400;\">; <\/span><i><span style=\"font-weight: 400;\">Gazelle <\/span><\/i><span style=\"font-weight: 400;\">is to secure users of <\/span><i><span style=\"font-weight: 400;\">Internet Explorer <\/span><\/i><span style=\"font-weight: 400;\">from clickjacking.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">Intersection Observer V2<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">The concept of tracking <\/span><i><span style=\"font-weight: 400;\">\u201cvisibility\u201d<\/span><\/i><span style=\"font-weight: 400;\"> just as a human would perceive allows all redressed or camouflaged links to appear in their default form thus preventing users from falling victim to the trick.<\/span><\/p>\n<h4><strong>2- Server-Side<\/strong><\/h4>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">Framekiller<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Website owners can protect users against frame-based clickjacking through introducing a <\/span><i><span style=\"font-weight: 400;\">framekiller<\/span><\/i><span style=\"font-weight: 400;\"> which prevents unwanted <\/span><i><span style=\"font-weight: 400;\">JavaScript <\/span><\/i><span style=\"font-weight: 400;\">snippets from loading on the pages that, on happening can trigger clickjacking.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">X-Frame-Options<\/span><\/i><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Back in 2009, the coming of <\/span><i><span style=\"font-weight: 400;\">Internet Explorer 8 <\/span><\/i><span style=\"font-weight: 400;\">offered a new <\/span><i><span style=\"font-weight: 400;\">HTTP <\/span><\/i><span style=\"font-weight: 400;\">header <\/span><i><span style=\"font-weight: 400;\">X-Frame-Options <\/span><\/i><span style=\"font-weight: 400;\">that partially protected users against clickjacking and was eventually adopted by other browsers like <\/span><i><span style=\"font-weight: 400;\">Safari, Google Chrome, Firefox <\/span><\/i><span style=\"font-weight: 400;\">and <\/span><i><span style=\"font-weight: 400;\">Opera<\/span><\/i><span style=\"font-weight: 400;\">. On activation, framing from only particular websites was allowed which prevented clickjacking attacks. In 2013, the <\/span><i><span style=\"font-weight: 400;\">X-Frame-Options <\/span><\/i><span style=\"font-weight: 400;\">header was officially released however not as per the Internet standards, offering only valuable information.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><i><span style=\"font-weight: 400;\">Content Security Policy<\/span><\/i><\/li>\n<\/ul>\n<p><i><span style=\"font-weight: 400;\">Content Security Policy <\/span><\/i><span style=\"font-weight: 400;\">version 1.1 enables users to allow or disallow content embedding through <\/span><i><span style=\"font-weight: 400;\">frame-ancestors <\/span><\/i><span style=\"font-weight: 400;\">which protects potentially hostile pages from attacking. The <\/span><i><span style=\"font-weight: 400;\">frame-ancestors <\/span><\/i><span style=\"font-weight: 400;\">policy must be preferred by browsers to prevent clickjacking attacks; however, there\u2019re still some popular browsers that deny the content policy.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"check-websites-vulnerability-with-clickjacking-test\"><\/span><span style=\"font-weight: 400;\">Check Website\u2019s Vulnerability with Clickjacking Test<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">You can even check a website\u2019s vulnerability to clickjacking by creating an HTML page and add a sensitive page from the existing website in an <\/span><i><span style=\"font-weight: 400;\">iFrame<\/span><\/i><span style=\"font-weight: 400;\">. Do note that execution of the test code must be done on another web server.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Make sure your website is protected from all sorts of clickjacking and other such attacks for better customer experience.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Clickjacking is a malicious hacking technique, also known as a \u201cUI redress attack\u201d which prompts a user into clicking something that isn\u2019t what it actually seems or perceived. It can be a redirection link or perhaps a misleading URL which takes users to another application, domain or both.\u00a0 Such an action from a user also [&hellip;]<\/p>\n","protected":false},"author":18,"featured_media":3227,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[70],"tags":[],"class_list":["post-3224","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-web"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Clickjacking: Classification, Origin, Clickjacking Attacks, Prevention | Digital Gravity<\/title>\n<meta name=\"description\" content=\"Clickjacking can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Clickjacking: Classification, Origin, Clickjacking Attacks, Prevention | Digital Gravity\" \/>\n<meta property=\"og:description\" content=\"Clickjacking can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/\" \/>\n<meta property=\"og:site_name\" content=\"Digital Gravity\" \/>\n<meta property=\"article:published_time\" content=\"2021-09-21T12:26:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-06T13:11:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.digitalgravity.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-Classification-attack-prevention-2021-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"548\" \/>\n\t<meta property=\"og:image:height\" content=\"250\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Team DG\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Team DG\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/\"},\"author\":{\"name\":\"Team DG\",\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/#\\\/schema\\\/person\\\/9abfe8dec97e7eccd4b026f6a469457d\"},\"headline\":\"Clickjacking: Classification, Origin &#038; Prevention Techniques\",\"datePublished\":\"2021-09-21T12:26:13+00:00\",\"dateModified\":\"2024-12-06T13:11:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/\"},\"wordCount\":912,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\\\/uploads\\\/2021\\\/09\\\/Clickjacking-Classification-attack-prevention-2021-1.jpg\",\"articleSection\":[\"Web Development\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/\",\"url\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/\",\"name\":\"Clickjacking: Classification, Origin, Clickjacking Attacks, Prevention | Digital Gravity\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\\\/uploads\\\/2021\\\/09\\\/Clickjacking-Classification-attack-prevention-2021-1.jpg\",\"datePublished\":\"2021-09-21T12:26:13+00:00\",\"dateModified\":\"2024-12-06T13:11:23+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/#\\\/schema\\\/person\\\/9abfe8dec97e7eccd4b026f6a469457d\"},\"description\":\"Clickjacking can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/#primaryimage\",\"url\":\"https:\\\/\\\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\\\/uploads\\\/2021\\\/09\\\/Clickjacking-Classification-attack-prevention-2021-1.jpg\",\"contentUrl\":\"https:\\\/\\\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\\\/uploads\\\/2021\\\/09\\\/Clickjacking-Classification-attack-prevention-2021-1.jpg\",\"width\":548,\"height\":250,\"caption\":\"Clickjacking-Classification-attack-prevention-2021\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/clickjacking-classification-origin-prevention-techniques\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Clickjacking: Classification, Origin &#038; Prevention Techniques\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/\",\"name\":\"Digital Gravity\",\"description\":\"Web Design Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/#\\\/schema\\\/person\\\/9abfe8dec97e7eccd4b026f6a469457d\",\"name\":\"Team DG\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/79495e6216054f66bac281c28ddc79f2b8156eecbc8e41c6a372f6cade6a330d?s=96&d=wp_user_avatar&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/79495e6216054f66bac281c28ddc79f2b8156eecbc8e41c6a372f6cade6a330d?s=96&d=wp_user_avatar&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/79495e6216054f66bac281c28ddc79f2b8156eecbc8e41c6a372f6cade6a330d?s=96&d=wp_user_avatar&r=g\",\"caption\":\"Team DG\"},\"description\":\"Team DG consists of passionate writers, SEOs, designers, paid marketing specialists, and creative strategists. As a team, we work together to lift businesses and brands from ground-up and push them to new heights. Every new challenge helps us to expand our horizon of knowledge and gain valuable experiences. Team DG leverages those experiences to create result-driven marketing campaigns for brands and help them reach their ambitious goals.\",\"sameAs\":[\"https:\\\/\\\/www.digitalgravity.ae\\\/\"],\"url\":\"https:\\\/\\\/www.digitalgravity.ae\\\/blog\\\/author\\\/teamdg\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Clickjacking: Classification, Origin, Clickjacking Attacks, Prevention | Digital Gravity","description":"Clickjacking can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/","og_locale":"en_US","og_type":"article","og_title":"Clickjacking: Classification, Origin, Clickjacking Attacks, Prevention | Digital Gravity","og_description":"Clickjacking can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online.","og_url":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/","og_site_name":"Digital Gravity","article_published_time":"2021-09-21T12:26:13+00:00","article_modified_time":"2024-12-06T13:11:23+00:00","og_image":[{"width":548,"height":250,"url":"https:\/\/www.digitalgravity.ae\/blog\/wp-content\/uploads\/2021\/09\/Clickjacking-Classification-attack-prevention-2021-1.jpg","type":"image\/jpeg"}],"author":"Team DG","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Team DG","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#article","isPartOf":{"@id":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/"},"author":{"name":"Team DG","@id":"https:\/\/www.digitalgravity.ae\/blog\/#\/schema\/person\/9abfe8dec97e7eccd4b026f6a469457d"},"headline":"Clickjacking: Classification, Origin &#038; Prevention Techniques","datePublished":"2021-09-21T12:26:13+00:00","dateModified":"2024-12-06T13:11:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/"},"wordCount":912,"commentCount":0,"image":{"@id":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#primaryimage"},"thumbnailUrl":"https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-Classification-attack-prevention-2021-1.jpg","articleSection":["Web Development"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/","url":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/","name":"Clickjacking: Classification, Origin, Clickjacking Attacks, Prevention | Digital Gravity","isPartOf":{"@id":"https:\/\/www.digitalgravity.ae\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#primaryimage"},"image":{"@id":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#primaryimage"},"thumbnailUrl":"https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-Classification-attack-prevention-2021-1.jpg","datePublished":"2021-09-21T12:26:13+00:00","dateModified":"2024-12-06T13:11:23+00:00","author":{"@id":"https:\/\/www.digitalgravity.ae\/blog\/#\/schema\/person\/9abfe8dec97e7eccd4b026f6a469457d"},"description":"Clickjacking can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online.","breadcrumb":{"@id":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#primaryimage","url":"https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-Classification-attack-prevention-2021-1.jpg","contentUrl":"https:\/\/digitalgravityprod.s3.ap-southeast-1.amazonaws.com\/uploads\/2021\/09\/Clickjacking-Classification-attack-prevention-2021-1.jpg","width":548,"height":250,"caption":"Clickjacking-Classification-attack-prevention-2021"},{"@type":"BreadcrumbList","@id":"https:\/\/www.digitalgravity.ae\/blog\/clickjacking-classification-origin-prevention-techniques\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.digitalgravity.ae\/blog\/"},{"@type":"ListItem","position":2,"name":"Clickjacking: Classification, Origin &#038; Prevention Techniques"}]},{"@type":"WebSite","@id":"https:\/\/www.digitalgravity.ae\/blog\/#website","url":"https:\/\/www.digitalgravity.ae\/blog\/","name":"Digital Gravity","description":"Web Design Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.digitalgravity.ae\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.digitalgravity.ae\/blog\/#\/schema\/person\/9abfe8dec97e7eccd4b026f6a469457d","name":"Team DG","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/79495e6216054f66bac281c28ddc79f2b8156eecbc8e41c6a372f6cade6a330d?s=96&d=wp_user_avatar&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/79495e6216054f66bac281c28ddc79f2b8156eecbc8e41c6a372f6cade6a330d?s=96&d=wp_user_avatar&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/79495e6216054f66bac281c28ddc79f2b8156eecbc8e41c6a372f6cade6a330d?s=96&d=wp_user_avatar&r=g","caption":"Team DG"},"description":"Team DG consists of passionate writers, SEOs, designers, paid marketing specialists, and creative strategists. As a team, we work together to lift businesses and brands from ground-up and push them to new heights. Every new challenge helps us to expand our horizon of knowledge and gain valuable experiences. Team DG leverages those experiences to create result-driven marketing campaigns for brands and help them reach their ambitious goals.","sameAs":["https:\/\/www.digitalgravity.ae\/"],"url":"https:\/\/www.digitalgravity.ae\/blog\/author\/teamdg\/"}]}},"_links":{"self":[{"href":"https:\/\/www.digitalgravity.ae\/blog\/wp-json\/wp\/v2\/posts\/3224","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.digitalgravity.ae\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.digitalgravity.ae\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.digitalgravity.ae\/blog\/wp-json\/wp\/v2\/users\/18"}],"replies":[{"embeddable":true,"href":"https:\/\/www.digitalgravity.ae\/blog\/wp-json\/wp\/v2\/comments?post=3224"}],"version-history":[{"count":8,"href":"https:\/\/www.digitalgravity.ae\/blog\/wp-json\/wp\/v2\/posts\/3224\/revisions"}],"predecessor-version":[{"id":7385,"href":"https:\/\/www.digitalgravity.ae\/blog\/wp-json\/wp\/v2\/posts\/3224\/revisions\/7385"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.digitalgravity.ae\/blog\/wp-json\/wp\/v2\/media\/3227"}],"wp:attachment":[{"href":"https:\/\/www.digitalgravity.ae\/blog\/wp-json\/wp\/v2\/media?parent=3224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.digitalgravity.ae\/blog\/wp-json\/wp\/v2\/categories?post=3224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.digitalgravity.ae\/blog\/wp-json\/wp\/v2\/tags?post=3224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}