Republic of the Philippines
National Police Commission
PHILIPPINE NATIONAL POLICE
Camp BGen Rafael T Crame, Quezon City
ACG-CYBER SECURITY BULLETIN NR 162: BEWARE OF “Clickjacking”
Reference Number: ACG-CSB 040219162
The following information was obtained from different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG) and classified as “Restricted” pursuant to the PNP Regulation 200-012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.
Clickjacking, also known as a "UI redress attack", is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top level page. Thus, the attacker is "hijacking" clicks meant for their page and routing them to another page, most likely owned by another application or domain.
The victim is made to click a webpage element which is invisible or disguised as another element. This can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online. The page could be a malicious page or a legitimate page which the user does not intend to visit.
Using a similar technique, keystrokes can also be hijacked. With a carefully crafted combination of stylesheets, iframes, and text boxes, a user can be made to believe that they are typing in the password to their email or bank account, but are instead typing into an invisible frame controlled by the attacker.
Links can be hidden under media and trigger a particular action, such as liking a particular page or ordering a product online. The user may need to meet certain conditions for the attack to actually be successful, such as staying logged into a social media account.
If a user is tricked into downloading something onto their computer, they then have to deal with a compromised computer. In the best case scenario, they can get rid of the malware through an anti-virus scan. In the worst case, they would need to reformat their computer and reinstall the operating system.
Clickjacking is an intrusive and damaging attack method that can lead to many serious consequences. Your company needs a way to proactively stop this attack from turning your website or content into a dangerous environment for users.
All PNP personnel as well as the public are advised to follow these tips in order to avoid the risk of Clickjacking, to wit:
• Prevent framing from other domains: Stop a hacker from putting an invisible overlay on your popular content. With this configuration, the only way your page can be served inside a frame is if the framing page is in the same domain as the website;
• Use antivirus programs, with automatic updates of signatures and software, on clients and servers;
• Avoid unsafe or suspicious websites that ask you to click on links; and
• Do not share personal information.
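The first tip above ("prevent framing from other domains") is applied on the web server by sending the X-Frame-Options header and/or a Content-Security-Policy frame-ancestors directive. The following is an added example, not part of the bulletin or any PNP system: it shows a minimal handler that sends both headers, and a checker that reads a response's headers and reports whether the page is protected from cross-origin framing. The sample header sets are constructed for illustration, and the 127.0.0.1:8080 listen address is an assumption.

```python
"""Anti-framing headers: send them from a server, and check a response for them."""
from http.server import BaseHTTPRequestHandler, HTTPServer

# Headers that block framing by any other origin. Both are sent because older
# browsers only understand X-Frame-Options while current ones prefer CSP.
ANTI_FRAMING_HEADERS = {
    "X-Frame-Options": "SAMEORIGIN",
    "Content-Security-Policy": "frame-ancestors 'self'",
}

# Constructed sample responses (not taken from any real site).
SAMPLE_HEADERS = {
    "unprotected": {"Content-Type": "text/html"},
    "xfo_deny": {"X-Frame-Options": "DENY"},
    "xfo_sameorigin": {"X-Frame-Options": "SAMEORIGIN"},
    "csp_self": {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'self'"},
    "csp_open": {"Content-Security-Policy": "frame-ancestors *"},
    # ALLOW-FROM is obsolete and ignored by current browsers, so it gives no protection.
    "xfo_obsolete": {"X-Frame-Options": "ALLOW-FROM https://partner.example"},
}


def _get_header(headers, name):
    """Case-insensitive header lookup (HTTP header names are case-insensitive)."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def frame_ancestors_allows_cross_origin(csp):
    """Return True if the CSP's frame-ancestors directive lets other origins frame
    the page, False if it restricts framing to 'self' or 'none', and None if the
    directive is absent from the policy."""
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            sources = [s.strip("'").lower() for s in parts[1:]]
            if not sources or sources == ["none"]:
                return False
            # Any wildcard or explicit host besides 'self' opens the page to another origin.
            return any(s not in ("self", "none") for s in sources)
    return None


def is_frame_protected(headers):
    """Return (protected, reason) for a response's headers.
    A frame-ancestors directive takes precedence over X-Frame-Options when both exist."""
    csp = _get_header(headers, "Content-Security-Policy")
    if csp is not None:
        cross_origin = frame_ancestors_allows_cross_origin(csp)
        if cross_origin is not None:
            return (not cross_origin, "Content-Security-Policy frame-ancestors")
    xfo = _get_header(headers, "X-Frame-Options")
    if xfo is not None:
        value = xfo.strip().upper()
        if value in ("DENY", "SAMEORIGIN"):
            return (True, f"X-Frame-Options {value}")
        return (False, f"X-Frame-Options value not enforced by browsers: {xfo}")
    return (False, "no anti-framing header")


class HardenedHandler(BaseHTTPRequestHandler):
    """Minimal page handler that attaches the anti-framing headers to every response."""

    def do_GET(self):
        body = b"<html><body><h1>Protected page</h1></body></html>"
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        for name, value in ANTI_FRAMING_HEADERS.items():
            self.send_header(name, value)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)


if __name__ == "__main__":
    for label, hdrs in SAMPLE_HEADERS.items():
        protected, reason = is_frame_protected(hdrs)
        print(f"{label:15s} protected={protected!s:5s} ({reason})")
    # Assumed local address; uncomment to serve the hardened page for testing in a browser.
    # HTTPServer(("127.0.0.1", 8080), HardenedHandler).serve_forever()
```

Running the script prints one line per sample set; note that the obsolete ALLOW-FROM value is reported as unprotected because current browsers ignore it, and that a CSP without a frame-ancestors directive falls back to whatever X-Frame-Options says.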
For additional information, please refer to the following websites:
POINT OF CONTACT