GRIDINSOFT HELP CENTER

Clickjacking: What it is, how it works, and simple ways to avoid it

What it is

Clickjacking (also called UI redress) is a web page magic trick. A fake button or invisible layer is placed on top of the real page so you think you’re liking a post, closing a popup, or playing a video, when you’re actually clicking somewhere else (the attacker’s target). More background in our clickjacking guide.

How it works 

  • The attacker frames a target site under a look-alike page.

  • They hide or offset the real controls (opacity, tiny iframes, CSS).

  • Your click lands on the target site: follow, purchase, enable camera, change settings, etc.

What you might notice

  • Buttons don’t do what they should, or a click triggers an unrelated action

  • Tiny delays before something happens, as if layers were loading

  • Cursor changes or focus jumps to a different part of the page

Stay safe (fast tips)

  1. If a page looks sketchy, don’t click—scroll or reload.

  2. Use Content Security/Privacy tools that block third-party frames and trackers.

  3. Keep your browser updated; modern protections help.

  4. For admins: set X-Frame-Options: DENY or CSP frame-ancestors 'none' on sensitive pages.
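For admins, one way to audit the headers from tip 4 is sketched below. This is an added example, not Gridinsoft code; the function names and the sample responses are hypothetical, and it assumes lowercase header names with a single policy per CSP header value.

```javascript
// Added example: classify a response's anti-framing headers.
// Assumes lowercase header names and one policy per CSP header value.

// Return the frame-ancestors source list from a CSP string, or null if absent.
function frameAncestors(csp) {
  for (const directive of (csp || "").split(";")) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === "frame-ancestors") return sources;
  }
  return null;
}

function framingVerdict(headers) {
  const fa = frameAncestors(headers["content-security-policy"]);
  if (fa !== null) {
    // An enforced frame-ancestors directive takes precedence over X-Frame-Options.
    const list = fa.map((s) => s.toLowerCase());
    // An empty list matches no origin, so it behaves like 'none'.
    if (list.length === 0 || (list.length === 1 && list[0] === "'none'"))
      return "protected: framing denied";
    if (list.every((s) => s === "'self'"))
      return "protected: same-origin framing only";
    // "*" or a bare scheme such as "https:" lets almost any site frame the page.
    if (list.some((s) => s === "*" || /^[a-z][a-z0-9+.-]*:$/.test(s)))
      return "weak: frame-ancestors allows broad origins";
    return "restricted: allow-list of " + list.length + " source(s)";
  }
  const xfo = (headers["x-frame-options"] || "").trim().toUpperCase();
  if (xfo === "DENY") return "protected: framing denied";
  if (xfo === "SAMEORIGIN") return "protected: same-origin framing only";
  if (xfo.startsWith("ALLOW-FROM"))
    return "unprotected: ALLOW-FROM is obsolete and ignored by current browsers";
  // A Report-Only policy reports violations but never blocks framing.
  if (frameAncestors(headers["content-security-policy-report-only"]) !== null)
    return "unprotected: frame-ancestors is report-only, not enforced";
  return xfo ? "unprotected: unrecognized X-Frame-Options value"
             : "unprotected: no anti-framing header";
}

// Constructed sample responses (not captured traffic).
const samples = {
  "/login": { "content-security-policy": "default-src 'self'; frame-ancestors 'none'" },
  "/settings": { "x-frame-options": "DENY" },
  "/widget": { "x-frame-options": "ALLOW-FROM https://partner.example" },
  "/beta": { "content-security-policy-report-only": "frame-ancestors 'none'" },
  "/home": {},
};
for (const [path, h] of Object.entries(samples))
  console.log(path, "->", framingVerdict(h));
```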

If you clicked already

  • Close the tab, clear site data for that domain, and sign out/in again.

  • Review account settings/permissions (camera/mic, follows, subscriptions).

  • Turn on MFA so one bad click can’t take over your account.
