clickjacking
C2Technical/Formal
Definition
Meaning
A malicious technique where a user is tricked into clicking on something different from what they perceive, typically by overlaying invisible or disguised elements on a webpage.
A cyber-attack and user-interface redressing technique that tricks a web user into clicking on a hidden or disguised element, leading to unintended actions, such as downloading malware, revealing confidential information, or taking control of their computer.
Linguistics
Semantic Notes
The term is a portmanteau of 'click' (the action) and 'jacking' (from 'hijacking'). It is specifically associated with web security and cybercrime. It is a type of UI redress attack.
Dialectal Variation
British vs American Usage
Differences
No significant lexical differences. Spelling follows regional conventions for compound words (typically as one word or hyphenated).
Connotations
Identical technical connotations in cybersecurity contexts.
Frequency
Equally rare in everyday speech but standard in IT/security professions in both regions.
Vocabulary
Collocations
Grammar
Valency Patterns
The site suffered from clickjacking.The hacker used clickjacking to compromise the account.Protect your application against clickjacking.Vocabulary
Synonyms
Strong
Neutral
Weak
Vocabulary
Antonyms
Usage
Context Usage
Business
IT departments must implement frame-busting scripts to mitigate clickjacking risks on customer portals.
Academic
The paper analyses the efficacy of client-side and server-side defences against clickjacking vulnerabilities.
Everyday
I read an article about not clicking strange buttons because of something called clickjacking.
Technical
The X-Frame-Options header is a common HTTP response header used to mitigate clickjacking by controlling frame embedding.
Examples
By Part of Speech
verb
British English
- The attacker sought to clickjack the user's session.
American English
- The hacker successfully clickjacked the admin panel.
adjective
British English
- They identified a clickjacking vulnerability in the code.
American English
- The update included a critical clickjacking fix.
Examples
By CEFR Level
- Clickjacking is a dangerous trick on the internet.
- To avoid clickjacking, be cautious about where you click, even on familiar websites.
- Modern web browsers have built-in features to help prevent sophisticated clickjacking attacks.
Learning
Memory Aids
Mnemonic
Think of a 'jack' hiding under the 'click' – you think you're clicking one thing, but a hidden jack(hijacker) steals your action.
Conceptual Metaphor
A TRAPDOOR or DECEPTIVE OVERLAY. The user interface is a false front, like a movie set, hiding the real mechanism behind it.
Watch out
Common Pitfalls
Translation Traps (for Russian speakers)
- Прямой перевод 'кликджекинг' понятен, но не является устоявшимся бытовым термином. В профессиональной сфере используется как есть.
- Не путать с 'взлом' (hacking) – это конкретный метод обмана, а не взлома системы.
Common Mistakes
- Using 'clickjacking' to refer to any malicious link (phishing) – clickjacking specifically involves disguised interface elements on a *legitimate* page.
- Spelling as two separate words: 'click jacking'.
Practice
Quiz
What is the primary goal of a clickjacking attack?
FAQ
Frequently Asked Questions
No. Phishing tricks you into going to a fake website. Clickjacking tricks you into clicking something on a real website you are already visiting.
Yes. Keep your browser updated, use security extensions that block suspicious scripts, and be generally wary of clicking on unexpected pop-ups or buttons, even on trusted sites.
Primarily, but the concept can apply to any user interface. Mobile app interfaces could theoretically be targeted in a similar manner.
The most common server-side defence is sending the X-Frame-Options or Content-Security-Policy HTTP headers to prevent a page from being loaded in a frame/iframe, which is essential for most clickjacking attacks.