Physical Address

304 North Cardinal St.
Dorchester Center, MA 02124

DoubleClickjacking hack turns double-clicks into account takeovers


Nowadays, twice click on something on the site without thinking can set you hackers to reach your information.

A new hack trick called “doubleclickjacking” turns your ordinary action in a cunning way for attackers to take control of your account or change your device settings.

Let’s separate it.

Stay protected and informed! Get security warnings and professional technological tips – sign up for Cyberguy Kurt’s report

Man on a laptop

An illustration of an individual who was cheated. (Kurt “Cyberguy” Knutsson)

What is doubleclickjacking?

Doubleclickjacking is a new spin on the old Hacker trick Known as clickjacking. Usually, clicking works by hiding malicious buttons under the right ones, so when you think you click something harmless, you actually give a permit for something dangerous. With doubleclickjacking, things need one step further. It starts when you click twice, allowing hackers to sneak into an additional, invisible command. Your first click can do something normal. The second click? This is what happens.

What is artificial intelligence (AI)?

hacker

Illustration of hackers at work. (Kurt “Cyberguy” Knutsson)

Get a job with Fox on a clicking movement here

Why is this a threat?

The scary part is how invisible this trick is. Twice clicks is something we all do automatically, often without thinking. But that simple action could be permission to hackers:

  • Access to your webcone or microphone
  • Change your browser settings
  • Click “Allow” on a hidden jump window
  • Share your location
  • Approve the application, payment or even crypto transaction

What DoubleClickjacking does particularly dangerous is that most websites were not designed to defend itself from it. Traditional security features usually protect against one click, but they often fail when a second click is on. That little detail opens the door to the attackers to bypass layers of protection.

Neither does this trick affect websites just. Can also interfere with browser extensions like crypto wallets And vpn -do, sometimes deceive users in approval of actions or exclusion of protection without understanding it. On mobile devices, a simple double touch can start the same effect. To make matters worse, this vulnerability is widespread than you might expect. Many famous websites have not yet fixed this. All you need is one quick double click in the wrong place, and you could unconsciously give access to the sensitive parts of your device.

Malicious software exposes 3.9 billion passwords in a huge cyber -safety threat

How does DoubleClickjacking work?

Here is a simplified version of how the trick is played. The malicious website quietly loads invisible elements behind or through visible, such as a built -in frame, a hidden button or a disguised jump window. In the first click, the attacker uses the action to remodel those hidden elements so that your next click follows exactly where they want it. In the second click, you are unconsciously communicated with hidden content. You may click “allow” a browser permit, approves to sign up or disable the setting without ever understanding it. Because Modern browsers are lightning fastAll this happens in a split second. The whole placement and switch are almost invisible to the user. From your perspective, it simply feels like a normal double click.

security picture

Picture of a PC security features. (Kurt “Cyberguy” Knutsson)

The new phishing fraud surpasses security codes to steal your data

How to protect yourself

Doubleclickjacking could be cunning, but there are simple ways to make it safe on the net. Here are some practical steps you can take immediately:

1. Be careful about double clicking on unknown websites: It may sound obvious, but most of us automatically click (and you click twice). If the web site asks you to click anything twice, especially for logging, permission or download, ask yourself if it is really necessary. Hackers rely on being acting quickly without thinking.

2. Notify the browser: Viewers like Chrome, Edge and Safari regularly release patches for these vulnerability. This means that the update delay could leave you exposed to tricks like Doubleclickjacking. Include automatic updates if possible or be sure to hold manually with updates to always be protected.

3. Use strong antiviral software: Tools and expanses on the base of the browser can help block hidden or malicious scripts before they start but not stupid. The best way to protect yourself from malicious connections installed by malicious software, potentially access to your private data, is to install a strong antivirus software on all your devices. This protection can also alert you of phishing e -Mail and fraud from Ransomware, keeping your personal information and digital assets. Get my elections for the best winners to protect against antivirus 2025 for your Windows, Mac, Android and iOS devices.

4. Use strong, unique passwords for each account: Do not use passwords. If one account is threatened, the hackers can use it to access other accounts. The password manager helps you effortlessly to create and store strong passwords. Get more details about my Best reviewed password managers from 2025. Here.

5. Limit unnecessary permits: Download control over privacy by reviewing which websites have access to your camera, microphone and location. Many websites require this permit according to the default settings, even when they do not need it. Start in your browser’s privacy settings and recall access from any website that you do not fully believe in. For example, here’s a guide How to move Google’s privacy settings.

6. Avoid tricky pages and jumping windows: If the website looks outdated, unwanted mail or aggressively push you to click something, get out of there. Avoid downloading random files and do not believe the jump windows that claim you have won something, you need to “fix” your device or “check” your application information.

Windows Defender Safety Center: How to Protect Your PC from False Jumping Windows

Kurts key endeavor

Doubleclickjacking is a smart new spin on classic trick hacking that allows cyber criminals to take control of your device or account, only from a simple double click. Because this type of attack is almost invisible and acts on popular browsers, it is important to stay awake. Always be careful when interacting with unknown websites, especially if you are asked to click twice. If your browser updates and limits unnecessary permission, it can go a long way to reduce risk. Most importantly, if they set the right tools for digital protection, they can help you stop these types of threats before they ever reach you.

Have you noticed an unusual behavior after a double clicking on the site or are you a close call with fraud? Let us know by writing us on Cyberguy.com/contact

Click here to get the Fox News app

For more of my technological tips and security warnings, subscribe to my free newsletter about Cyberguy Report, moving toward Cyberguy.com/newslettter

Ask the Kurt question or let us know what stories you would like to cover.

Follow Kurt on his social channels:

Answer to the most demanding questions about Cyberguy:

New from Kurt:

Copyright 2025 Cyberguy.com. All rights reserved.

Kurt “Cyberguy” Knutsson is a award -winning technological journalist who deep love for technology, equipment and gadgets who improve life with their Fox News & Fox Business Start at Fox & Friends in the morning. Do you have a technical question? Get Kurt’s free newsletter about Cyberguy, share your voice, idea of ​​a story or comment on Cyberguy.com.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending now

Fury’s win: fair or foul?
Withered and detached: Fury’s press conference appearance raises doubts
Why Crawford will never be #1: The fighters he avoids
Shakur begins camp to defend title in Schofield