ecurity researcher Nikhil P. Kulkarni has identified a clickjacking (User Interface redress) vulnerability in Microsoft’s social media website Socl (So.cl). The expert told the company of the flaw back in August, but they addressed it only a few days ago.
“Social Networking sites today are accessed by millions of internet users as it is the best way to stay connected with their near and dear ones. But if they aren’t careful, then they might fall prey for various scams,” the researcher told Softpedia in an email.
“And one such scam is Clickjacking/UI Redress Attacks, where a user can easily be fooled by the hackers. Hackers can get victims to click on their links by disguising them as content that the victim may find interesting such as free gifts or ‘click to win million dollar’ reward scams.”
Kulkarni explains that attackers can trick victims into performing certain actions by hiding their malicious pages on top of legitimate pages in a transparent layer.