Clickjacking is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous Web pages. (Source: http://en.wikipedia.org/wiki/Clickjacking)

Here is a simple example where clicking anywhere on the page (except the header and footer) takes the user to another website: http://www.collegehumor.com/video:1928558
Prevention
On the client side, the main protection currently available is the ‘NoScript‘ add-on for Firefox, whose ClearClick feature warns when a click lands on a hidden or transparent frame. On the server side a site can refuse to be framed at all: sending the X-Frame-Options response header (DENY, or SAMEORIGIN to allow only its own pages) makes supporting browsers refuse to render the page inside another site’s iframe, and frame-busting JavaScript can be used as a fallback for older browsers. Without one of these, any page can be loaded invisibly on top of an attacker’s page and the user’s clicks delivered to it.
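The check a tester would run against a site’s responses, as an added example (not code from the original post): given the response headers, decide whether a browser that follows the HTML specification would let the page be loaded in an iframe, which is the precondition for clickjacking. It looks at the CSP frame-ancestors directive (which browsers honour in preference to X-Frame-Options) and at X-Frame-Options itself, including the multi-valued case that shows up when two layers of infrastructure each add the header. The header sets used in the test are constructed samples; `antiClickjackingHeaders()` is the set a server should send to refuse framing everywhere.

```javascript
// Added example, not code from the original post. Decide from response headers
// whether a spec-conformant browser would allow the page to be framed.
// All header sets passed in are constructed samples.

function normalizeHeaders(headers) {
  // Header names are case-insensitive; index them in lowercase.
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    out[name.toLowerCase()] = String(value);
  }
  return out;
}

function parseFrameAncestors(csp) {
  // Return the source list of the frame-ancestors directive, lowercased,
  // or null when the policy carries no such directive.
  if (!csp) return null;
  for (const directive of csp.split(';')) {
    const tokens = directive.trim().split(/\s+/).filter(Boolean);
    if (tokens.length > 0 && tokens[0].toLowerCase() === 'frame-ancestors') {
      return tokens.slice(1).map((t) => t.toLowerCase());
    }
  }
  return null;
}

// Result: { frameable: true | false | 'restricted', by: 'csp' | 'xfo' | 'none', allowed: [...] }
function framingPolicy(rawHeaders) {
  const headers = normalizeHeaders(rawHeaders);

  // 1. CSP frame-ancestors: when present, X-Frame-Options is ignored entirely.
  const ancestors = parseFrameAncestors(headers['content-security-policy']);
  if (ancestors !== null) {
    if (ancestors.length === 0 || ancestors.includes("'none'")) {
      return { frameable: false, by: 'csp', allowed: [] };
    }
    if (ancestors.includes('*')) {
      return { frameable: true, by: 'csp', allowed: ['*'] };
    }
    return { frameable: 'restricted', by: 'csp', allowed: ancestors };
  }

  // 2. X-Frame-Options. The header may arrive with several comma-separated
  //    values; the HTML spec treats a multi-valued header that mentions
  //    deny/sameorigin/allowall as a block rather than as "ignore".
  const raw = headers['x-frame-options'];
  if (raw === undefined) return { frameable: true, by: 'none', allowed: ['*'] };
  const values = [...new Set(raw.split(',').map((v) => v.trim().toLowerCase()).filter(Boolean))];
  if (values.length > 1) {
    const blocking = values.some((v) => ['deny', 'sameorigin', 'allowall'].includes(v));
    return blocking
      ? { frameable: false, by: 'xfo', allowed: [] }
      : { frameable: true, by: 'none', allowed: ['*'] };
  }
  if (values[0] === 'deny') return { frameable: false, by: 'xfo', allowed: [] };
  if (values[0] === 'sameorigin') return { frameable: 'restricted', by: 'xfo', allowed: ["'self'"] };
  // ALLOW-FROM and any other spelling are not honoured by current browsers: no protection.
  return { frameable: true, by: 'none', allowed: ['*'] };
}

// Headers a server should send to refuse framing everywhere (both, for old and new browsers).
function antiClickjackingHeaders() {
  return {
    'X-Frame-Options': 'DENY',
    'Content-Security-Policy': "frame-ancestors 'none'",
  };
}
```

`framingPolicy` returning `true` for a response is the finding: that page can be overlaid on an attacker’s site. Note that a page which sets only `SAMEORIGIN` is still frameable by any other page on the same origin, so an XSS or open-redirect page elsewhere on the site can still be used as the host.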
One more quick example of a phishing email. As per the tip in my previous post, check out the domain name: in this message it is actually replaced by an IP address.

OWASP (Open Web Application Security Project) recently released OWASP Top 10 – 2010 rc1, its new list of the ten most critical web application security risks.
At number eight there is a new entry: A8 – Unvalidated Redirects and Forwards (NEW). I thought I’d briefly talk about it, as it recently happened to me.
I received the following email from a friend on Facebook (FB). When a user on FB sends an email with a link, FB prefixes the link with its own URL: http://www.facebook.com/<sometext>/<original link>
Like any normal user, I clicked on the link, wondering what it was.
The link redirected me to the following page:
The page displayed the message “Content requires Adobe Flash Player 10.37…”.
If the user clicked ‘Install’, it downloaded a “setup.exe” file.
On double-clicking it, it would have tried to infect the PC.
If you look at the page closely there are a number of issues that help the user identify it as a phishing page:
- The title of the page (top left) is spelt wrongly – YuoTube
- The page uses Facebook’s icon as the website icon
- The link/URL is neither facebook.com nor youtube.com; in fact it is just an IP address
- The message “…Contect requires Flash Player…” is itself embedded inside a Flash video, i.e. Flash is already installed and running on the page, so the “missing plugin” claim is false
The attacker has tried to make the page look as similar as possible to YouTube, but it fails badly. The above are just the quickly noticeable items; the page is actually nowhere close to a real YouTube page.
TIP: The best way to tell whether a site is a phishing site is to note the domain name of the website. If the domain name does not match the site you were supposed to be at (a raw IP address, a look-alike spelling, or a site name that appears only as a subdomain of something else), then something is wrong.
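Two checks that follow from this story, as an added example (not code from the original post or from Facebook): `safeRedirectTarget()` is what a link redirector like the one described above must do server-side so that it cannot be abused as an open redirect (the A8 issue), shown next to the vulnerable pattern; `linkReport()` is the domain-name tip turned into code, pulling out the host a link really points to and flagging raw IP addresses, look-alike domains and the `user@host` trick. The site origin, parameter names and all URLs are constructed samples using documentation names and addresses.

```javascript
// Added example, not code from the original post. Open-redirect hardening (A8)
// and the "check the domain name" tip as code. All hosts and URLs below are
// constructed samples (documentation names/addresses).

function hostIsIpLiteral(hostname) {
  // IPv4 dotted quad, or an IPv6 literal (Node keeps the brackets in hostname).
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(hostname) ||
    (hostname.startsWith('[') && hostname.endsWith(']'));
}

// The vulnerable pattern behind A8: whatever the ?next= parameter says is where
// the user is sent, so "/go?next=http://198.51.100.23/" is a trusted-looking
// link on the real site that lands on the attacker's page.
function vulnerableRedirectTarget(next) {
  return next;
}

// Hardened version: resolve the parameter against the site's own origin and keep
// only same-origin paths or absolute URLs to explicitly allow-listed hosts.
// Other hosts, protocol-relative //host, backslash tricks, javascript: and
// unparsable input all fall back to the site root.
function safeRedirectTarget(next, siteOrigin, allowedHosts = []) {
  let target;
  try {
    target = new URL(next, siteOrigin);
  } catch (e) {
    return '/';
  }
  if (target.origin === siteOrigin) {
    // Return a relative path so the Location header never names a host at all.
    return target.pathname + target.search + target.hash;
  }
  const webScheme = target.protocol === 'http:' || target.protocol === 'https:';
  if (webScheme && allowedHosts.includes(target.hostname)) {
    return target.href;
  }
  return '/';
}

// User-side check from the tip: where does this link really go, and is that
// the domain I expected (exactly, or as one of its subdomains)?
function linkReport(href, expectedDomain) {
  let u;
  try {
    u = new URL(href);
  } catch (e) {
    return { parsable: false };
  }
  const hostname = u.hostname.toLowerCase();
  const expected = expectedDomain.toLowerCase();
  const onExpectedDomain = hostname === expected || hostname.endsWith('.' + expected);
  const reasons = [];
  if (hostIsIpLiteral(hostname)) reasons.push('host is a raw IP address');
  if (u.username) reasons.push('URL carries user@ before the real host');
  if (!onExpectedDomain) reasons.push(`host is not ${expected} or a subdomain of it`);
  return { parsable: true, hostname, onExpectedDomain, suspicious: reasons.length > 0, reasons };
}
```

Returning a relative path for same-origin targets is deliberate: it means the redirect response never echoes a hostname back, so a parameter like `//evil.example/x` (which browsers would otherwise treat as protocol-relative and follow off-site) cannot survive the check.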
Here is a really cool feature if you’re a Gmail user!
How often does it happen that you click on an email link on a website and it tries to find MS Outlook, Outlook Express or some other external email application to send the email? Quite often, I guess! And if you’re using Gmail’s web interface for your email you then have to manually copy the address, open Gmail and paste it in – quite a cumbersome process, I must say!
How cool would it be if you could use Google Chrome with the Gmail web interface without going through this long process? Pretty cool, aye?
Now you can, with a little bit of extension magic.
Getting Chrome Ready for Extensions
The first thing you will need to do is prepare Chrome to use extensions, if you have not previously done so. Locate the shortcut(s) for Chrome, right-click on them and select “Properties”.

Once you have clicked through, you will see the “Properties” window with the “Shortcut” tab displayed.

In the “Target:” field you will need to add the following command to the end of the target path, making certain to leave a single space between the final quote mark and the enable-extensions command.

Here is an example of what the target path should look like…

Once you have that finished, click “Apply”, then “OK”. Now you are ready to add your new extension!
Installing the Extension
Once you have gone to the link provided below, click on the link as shown to access the .crx file. When the file has finished downloading, you will be prompted about the installation.

When the extension is ready to install, you will see the following message window. Click on “Install” to add the extension to Chrome. Now you are ready for all those new e-mails!

Whenever you click on a mailto link, Gmail will open up just like this: the entire window is devoted to composing the message only (nice!).

Conclusion
If you love using Gmail for all of your e-mail needs, then this extension is certain to be a perfect addition to your browser!
Links
Download the GmailDefaultClient extension (Chrome Forums)
Note: The download link is approximately two-thirds of the way down the page.