Hackers can steal your accounts, and all it takes is a double-click — don’t fall for this new form of clickjacking
While you always want to be careful where you click online, a new variation on the classic clickjacking attack should give you pause when a site asks you to double-click on something. As reported by Cybernews, Amazon security engineer Paulos Yibelo has shed light on a new version of this attack that can be used to disable security settings, delete an account or even take over your existing accounts.
As the name suggests, clickjacking is an attack method where hackers, scammers or other cybercriminals hijack your clicks on one website to perform malicious actions on another site. For instance, you might think you’re clicking a button on the site you’re currently browsing, and that click will then be used to buy something on another entirely different site.
Now, hackers have added another click to this attack method to get around the fact that modern browsers no longer send cross-site cookies. As such, this threat, which had almost died out, is now once again being used by hackers in their attacks.
