Pure Binary

Clickjacking is the most recent kind of threat being experienced by the internet world. Not only the flaws of internet browsers but also the website flaws are responsible for the problem of Clickjacking. It would be easy to understand Clickjacking if you know about the phishing. Phishing is the technique used by malicious web programmers to trick web users to reveal their secret information such as passwords and credit card information on a fake and forged website. Clickjacking has made it worst because now you never know whether the website has some malicious script running in the background without your consent. Moreover, what would you do if there is a link to any malicious and forged website is invisible to you and your data is being leaked. usually there is no way to know for users that whether the Submit Button they clicked on performs the same function which you expect. Specifically  for unverified or unauthorized websites there is no good solution available. Though you should take care that you do not reveal your confidential information on any un-verified website. For instance, if you are going to do transaction using PayPal, then first you should confirm that there is an authorization icon of VeriSign Inc. in the browser’s URL bar. If it is not there then you are being trapped in phishing.

These flaws were recently discussed in recen OWASP conference, however looking to the seriousness of the matter nothing was disclosed. However, it was decided to inform vendors of web browsers to rectify the flwas. There is much more tough task ahead as it would take lots of time to correct the vulnerabilities in website platforms and the web browsers. But till then surf carefully and avoid clicking or visiting unknown websites which asks for your personal informations. You can install good web-antivirus such as McAfee and modern browsers like Firefox 3.x which warns you about malicious websites.

Tags: Security Issues // Add Comment »