Another new word in the IT lexicon. This time it is clickjacking.
This term was coined last month by a couple of net security boffins to describe a threat that we all need to be wary about. Malicious code is hidden behind links on legitimate and innocuous web sites to trick web users into revealing confidential information or to take unseen control of their computer.
The scamster penetrates the security on the site and slips code behind some interesting content. The unwary user clicks their mouse thinking it will do something else, but a damaging bit of script is run instead.
The term has shot to prominence since these specialists put the spot light on. they briefed software companies, but no one else, about how it could be perpetrated. Then last week, Adobe underlined the problem by putting out a security warning for its flash product.
Most os us have flash installed these days, as so many websites, include flash animation, So, you may want to check out security advisory APSA08-08 on the Adobe site )follow a link towards the bottom of the support page)
But flash is not alone in being vulnerable, All the web browsers, it seems can be exploited, even the recently released Google chrome.
Unlike with viruses and their ilk, getting protection against clickjacking is not straightforward. There is no security that can help.
Microsoft, Mozilla, Google, Adobe and others are now working hard to release fixes that eliminate these know risks. Meanwhile there seem to be few precautions we can take except to stick to sites we feel confident in.
