By Stuart J. Johnston
The latest Internet threat cloaks Web links so a wayward click can download malware to your PC without your knowledge.
What’s worse, all browsers and other Web software are susceptible to clickjacking, but you can take steps to reduce the risk.
Clickjacking allows an attacker to use one or more of several new attack scenarios to literally steal your mouse clicks. When you think you’re clicking on a simple button — for example, to see the next page of an article — you may actually be giving the bad guys permission to do something entirely different, such as log on to your online checking account.
By taking advantage of any of a growing number of recently discovered vulnerabilities in Microsoft’s Internet Explorer, Mozilla’s Firefox, Apple’s Safari, and all other Web browsers, criminals can hijack your system by intercepting clicks of what appear to be legitimate links.
The problem doesn’t stop there, however. At least some of the flaws that make clickjacking possible also show up in such popular Web tools as Adobe’s Flash player and Microsoft’s Silverlight streaming-media plug-in.