Some folks have noticed links from accounts they follow prefaced by the words, “Don’t click” which of course people want to click right away. The links take you to a web site employing technique called clickjacking. This technique seeks to trick web users and can take action on your behalf while you perform seemingly unrelated tasks.
As wikipedia states, clickjacking is “A vulnerability across a variety of browsers and platforms, a clickjacking takes the form of embedded code or script that can execute without the user’s knowledge, such as clicking on a button that appears to perform another function.” In this case that “other function” was posting a link to your Twitter account so that more people could be tricked and the cycle could perpetuate.
Thankfully the harm was restricted to constant reposting of the link, but we take malicious attacks on Twitter users very seriously and this morning we submitted an update which blocks this clickjacking technique.
Did someone say … cookies?
X and its partners use cookies to provide you with a better, safer and
faster service and to support our business. Some cookies are necessary to use
our services, improve our services, and make sure they work properly.
Show more about your choices.