In an effort to address online display advertising fraud, Google is saying that they have rolled out new defenses against clickjacking.
So, what exactly is clickjacking? Have you ever clicked on a button or tried to play a video on a web page, but then be taken to a completely different web page that had nothing to do with what you clicked on? If you can answer yes, then you’ve clickjacked.
In order for somebody to get clickjacked, a hacker basically places a transparent overlay page over a legitimate web page. From the user’s perspective, things look just fine, but when they click on a link or button and the like, the action actually occurs on the transparent overlay. The scary thing about these transparent pages is that clickjacked pages can be used to trigger things like one-click orders from Amazon, gain Facebook likes and Twitter followers, download malware, which would be used to access users phones. The downloaded malware could be used to enable click fraud on invisible ads.
Other names that clickjacking is known by includes technical names like UI redress, User Interface redress attack and UI redressing.
Luckily Google is addressing the issue of clickjacking. The company discovered clickjacking going on in the Display Network earlier this year.
According to Google, any publisher that they find engaging in clickjacking from the network are being removed. A new fliter had been developed to exlcude invaild traffic on display ads from clickjacked pages on mobile and desktop devices.
There’s a blog post that has announced the moves, Andres Ferrate, Chief Advocate of Ad Traffic Quality at Google, explained:
When our system detects a Clickjacking attempt, we zero-in on the traffic attributed to that placement, and remove it from upcoming payment reports to ensure that advertisers are not charged for those clicks.