I agree with you. Its not just the attacker needs to have everything else set, the buttons will need to be placed in the exact location of the submit button - any change to the display resolution of window size will disable this method.

Overall Clickjacking is a creative 'social engineering' method that takes advantage of Layers to hijack clicks - but its not reliable and may not hit the wild in high volume anytime soon.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11534/35252#35252