✈️ Download our latest Travel Playbook here. Unravelling the complexities of the travel industry in a globalised world. 🗺️

Clickjacking: What it is & Tips to browse the Internet Safely

( 2 min read )

  • Go back to blog home
  • All posts
    All posts|Currency Updates
    All posts|Currency Updates|International Trade
    All posts|International Trade
    Blog
    Central Bank Meetings
    Charities & NGOs
    Currency Updates
    Currency Updates|In The News
    Ecommerce
    Fraud
    FX 101
    In The News
    International Trade
    Podcast
    Press Release
    Product Update
    Security & Fraud
    Special FX Reports
    Special Report
    Weekly Market Update
  • Latest

27 March 2023

Written by
Monika Ravey

Fraud Manager

The internet is a huge part of our life, and we rely on it for multiple reasons in our day-to-day lives. However, it is important to be conscious of good practices when browsing the internet to protect your information and ensure security.

C
lickjacking is a term you may not have heard of but is more prevalent than you might think. It’s a situation when you’re tricked into believing you’re clicking one thing, but actually, you’re clicking something completely different than you intended to. And that something downloads malware, uploads credentials, makes purchases or even transfers money!

How does it do that? There are actually several types of clickjacking. For example, you get tricked into using a copy of a real website, superimposed over the top of the real website. Whenever you watch an embedded YouTube video on a website, that’s an example of how this works. But instead of clearly showing the video as part of the website, clickjackers cover the real website with their fake. Now, everything you click is doing what the clickjacker wants it to, and the potential opportunity this presents them is why you need to be aware.

Clickjacking can happen on mobile devices as well as computers, and webmasters for the genuine site are responsible for the security measures designed to prevent clickjacking attacks, and that’s where most of the steps needed to defend against clickjacking can be found. But as with all cyber threats targeted at you, there are things you can do for your online safety:

  1. Update your browser with the latest security patches. These days most browsers have built-in protection against clickjacking, either warning users that they are trying to access a dangerous website, or by blocking access completely. Keeping your browser up to date provides continuous protection against the latest threats.
  2. Pay attention to any browser warnings that appear for websites you visit. If you are warned not to proceed, don’t.
  3. Always have 2FA enabled for accessing authenticated platforms. Clickjackers won’t be able to replicate your 2FA security, so if you’re expecting a text and don’t get it, this could be a sign of clickjacking.
  4. As with many cyber threats, be wary of emails prompting you to address an urgent matter. Clickjackers want you to be on their website, so these emails will ask you to click a link, and that link could take you to a website that looks identical to your banking or other official website, but is actually the clickjackers version of it.
  5. Consider using a password manager in your browser. If you’re redirected to a fake website, the URL of that site won’t correspond to what the password manager is expecting. So if the password manager doesn’t auto-populate the credentials, that can be a sign that the website is not legitimate.
  6. Clickjackers want you to be on their website or app and may try to get you to download an app that could be malware for your device. Don’t download any app you are unsure of, and always download apps onto devices through official app stores.
  7. Avoid clicking on ads that appear too good to be true on Google, Facebook and the like. Sometimes, clicking on these could take you to a website the clickjacker wants you to be on. Remember, if it looks too good to be true, it probably is!
  8. Avoid clicking on pop-ups, especially on sites you don’t use regularly. Many of them are malicious and could possibly be clickjackers trying to get you to where they want you to be.

Fraud is a threat to everyone, and the team at Ebury are here to help our customers protect themselves from its effects.

📩 If you need any advice on any fraud-related issues, contact us at [email protected].

SHARE