Cybercriminals have a raft of tactics and tricks they employ against organisations and individuals, from targeted whaling attacks on top executives to social engineering scams aimed at admins. Among the various tools in a hacker’s kit is clickjacking, a devious ploy that can fool a staff member into clicking on something that appears to lead to one online destination but in fact sends the click somewhere else entirely. That destination is of the hacker’s choosing and will typically have been set up for malicious purposes.
How clickjacking affects firms
Sometimes referred to as IFRAME overlay or UI redressing, clickjacking can have a damaging impact on enterprises. In many instances, an employee who clicks on a link will be completely oblivious that their click has been redirected, which exposes a business to a range of risks.
There are numerous ways a hacker can employ redirected clicks for criminal gain. A prevalent type of clickjacking involves a website’s password and login form being mirrored. The redirected user believes they are entering their private access credentials into a trusted form, but the hacker has in fact overlaid their own fields on top of the user interface to capture whatever is typed.
Using this IFRAME overlay, cybercriminals can net passwords, usernames and even credit card numbers, which they can then exploit directly or use to penetrate deeper into a company’s systems. A hacker may also choose to use the links to trick users into unknowingly downloading malicious software that gives the attacker remote access to a company’s network.
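The overlay attack described above only works if the targeted page can be loaded inside a third-party iframe, so the practical defence is a response header that forbids framing. The following Python check, added here as an illustration and not part of the original article, evaluates a page's headers (Content-Security-Policy frame-ancestors and X-Frame-Options) against a given framing origin; every origin and header set in it is a constructed sample.

```python
"""Check whether a page's response headers let another site frame it.

UI redressing needs the target page to load inside the attacker's iframe, so
the defence is to forbid framing with Content-Security-Policy frame-ancestors
(preferred) or X-Frame-Options. Every header set and origin below is constructed.
"""
from fnmatch import fnmatch
from urllib.parse import urlsplit


def _source_matches(source: str, framer: str, page: str) -> bool:
    """Match one CSP frame-ancestors source expression against the framing origin."""
    src = source.strip().lower()
    if src == "'none'":
        return False
    if src == "'self'":
        return framer.lower() == page.lower()
    f = urlsplit(framer)
    if src.endswith(":") and "/" not in src:      # scheme-source such as "https:"
        return f.scheme == src[:-1]
    scheme, sep, rest = src.partition("://")      # host-source with optional scheme
    host, _, port = (rest if sep else src).split("/")[0].partition(":")
    framer_port = str(f.port or {"https": 443, "http": 80}.get(f.scheme, ""))
    return ((not sep or scheme == f.scheme)
            and (not port or port == "*" or port == framer_port)
            and fnmatch(f.hostname or "", host))


def can_be_framed(headers: dict, framer_origin: str, page_origin: str) -> bool:
    """True if a document served from framer_origin may embed page_origin in an iframe."""
    h = {k.lower(): v for k, v in headers.items()}
    for directive in h.get("content-security-policy", "").split(";"):
        name, _, value = directive.strip().partition(" ")
        if name.lower() == "frame-ancestors":
            # When frame-ancestors is present, browsers must ignore X-Frame-Options.
            return any(_source_matches(s, framer_origin, page_origin) for s in value.split())
    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return False
    if xfo == "SAMEORIGIN":
        return framer_origin.lower() == page_origin.lower()
    return True  # no recognised anti-framing header (ALLOW-FROM is obsolete and ignored)


if __name__ == "__main__":
    page, attacker = "https://login.example", "https://evil.example"   # constructed
    for label, hdrs in {"no headers": {}, "SAMEORIGIN": {"X-Frame-Options": "SAMEORIGIN"},
                        "CSP": {"Content-Security-Policy": "frame-ancestors 'self'"}}.items():
        print(f"{label:12} -> {'frameable' if can_be_framed(hdrs, attacker, page) else 'protected'}")
```

A page that reports "frameable" for an untrusted origin is a candidate for the overlay attack and should be served with a frame-ancestors policy.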
Clickjacking can also be the beginning of an advanced persistent threat (APT), which is exceptionally dangerous for organisations and institutions who must protect intellectual property or private and sensitive data.
Clickjacking scenarios
Malicious links can be hidden beneath media and triggered by an apparently harmless action, such as ordering a product or liking a post on social media. Should an employee be fooled into downloading harmful content onto a company device via such a link, the results can range from inconvenient to financially damaging. In many cases, if detected, the malware can be removed with protective software. If it is more complex, however, it may be necessary to wipe the affected device and reinstall its operating system, which is disruptive. If undetected, the malware may have far more serious consequences, from infections spreading across networks to ransomware that encrypts important files.
To hide its intentions and activities, clickjacking can also be used to alter certain settings on a device, for example by tricking the user into granting a web page access to the webcam or microphone when a JavaScript prompt requests that permission. It can likewise be used to collect location data and other information from a device for hackers to employ in future criminal activity.
Preventing cybercriminal strategies
There is no doubt that clickjacking is an intrusive act that can have damaging consequences. At Galaxkey, we have developed a secure platform that allows enterprise employees to operate safely from any location, on any device. Contact our team for a free 14-day trial and work in a secure environment today.