Additional information (cl)

Clickjacking (UI redressing)

Clickjacking is an interface-based scam in which a user is tricked into clicking on f.e. a button or a link on a hidden website by clicking on something in a decoy website. This is often done by using an Iframe (a separate inline-frame in which another website is loaded than the website in the URL).
Next to classic clickjacking, we also know: Likejacking, Nested clickjacking, Cursorjacking, Mousejacking, Browserless clickjacking, Cookiejacking, Filejacking and Password manager attack.

To protect yourself against clickjacking you could use a frame-busting browser extension, or turn off the use of javaScript (which however also makes other benign functionalities useless).
Generally, prevention can be categorized as followed:
Client-side: NoScript, NoClickjack, GuardedID, Gazelle and Intersection Observer v2
Server-side: Framekiller, X-Frame-Options.


This type of phishing typically uses an already known e-mail layout, to appear to be original. Mostly this is combined with spoofing to even make the sender look the same. The attachment however is replaced by another (malicious) one.
This type of phishing is often succesful, because of the fact that there is hardly any way to see that it's illegitimate, plus: sometimes people do not reply to the first (original) one they received, as a result of which they dó react to the second (malicious) one.

Social (and other) things: