Airbridge
PricingCustomers
Log InGet Started Free
A

Airbridge AI

Ask anything about Airbridge

Responses are AI-generated and may not always be accurate.
Conversations may be recorded to improve answer quality.

Airbridge

Stop paying for ads that don't perform. Track ad performance to know exactly what's driving your ROI.

Plans

  • Compare All Plans
  • DeepLink
  • Core
  • Growth
  • Pricing

Features

  • Airbridge AI
  • Marketing Analytics
  • Fraud Protection
  • Web & App Attribution
  • ROAS Measurement
  • iOS & SKAN
  • Deep Linking
  • Data Export
  • Audience Manager

Resources

  • Blog
  • Case Studies
  • Glossary
  • Library
  • Academy
  • User Guide
  • Developer Guide

Company

  • About Us
  • Terms of Service
  • Electronic Payment Terms
  • Privacy Policy
  • Information Security
  • GDPR
  • Data Processing Addendum
  • System Status

© 2026 AB180 Inc. All rights reserved.

AB180 Inc. | Business Registration: 550-88-00196

Back to Glossary
C

Click hijacking

Definition

Click hijacking is an attack in which a user’s legitimate click is intercepted by some sort of fraudulent activity. By hijacking user activity and interrupting the original course of action of the legitimate click, attackers are able to trick users into performing other unwanted actions.

A
Airbridge
May 20, 2024·3 min read

Table of Contents

  • What is click hijacking?
  • How does it work?
    • Transparent overlays
    • Cursor jacking
    • Fraudulent click reports
  • How to prevent click hijacking
    • Use X-Frame-Options
    • Monitor your analytics data
    • Use an MMP

What is click hijacking?

Click hijacking, also known as clickjacking, is typically generated by malware hidden within an app which is hardly detectable by general users. This malware is discreetly placed inside apps by bad actors, competing ad networks, or other fraudsters who are attempting to perform a range of malicious acts – from stealing the last-click attribution during an app installation process, to redirecting users to harmful websites.

How does it work?

There are various known ways attackers approach users for click hijacking. Most often, attackers use overlay-based techniques to enclose malicious sources in an invisible frame and deceive users into clicking on certain areas of a page. Below are some of the most common methods of click hijacking:

Transparent overlays

Attackers can overlay a transparent, legitimate page on top of a page containing malicious sources, disguising the malware. Users are tricked into thinking that the page is safe, but when clicked on, they are redirected to the malicious source underneath.

Cursor jacking

Attackers can take control of a user’s cursor by positioning it to a different element than the one the user was intending to click on. By manipulating the cursor’s movement and taking it to incorrect positions, users are prone to click on the embedded malware to be taken to the wrong space.

Fraudulent click reports

Click hijacking can be used as a type of attribution fraud in mobile marketing. When the malware hidden within an app detects a legitimate click, it intercepts immediately and sends a false click report. This report hijacks the original click and the install following it, making it seem like the false click was the last click received. By taking advantage of the last-touch model, fraudsters who distributed the false click report are able to take credit for the install.

Apart from these techniques, there are numerous possible approaches attackers can take to infiltrate user activity, depending on the desired end-action.

How to prevent click hijacking

Due to constantly developing malware interfaces, it is impossible to completely eradicate or block click hijacking attacks. However, here are some ways to protect your user safety and minimize the chances of experiencing these attacks:

Use X-Frame-Options

X-Frame-Options is an HTTP response header that specifies whether a page can be rendered in a frame. By denying the option to allow rendering, you can prevent your webpage from being embedded into malicious frames that can bait you.

Monitor your analytics data

For mobile marketers, regularly keeping track of your analytics data can help you identify click hijacking attacks that are falsely taking attribution for an install. When monitoring the data, if there are records of clicks happening immediately after a certain click, this may be a sign of click hijacking.

Use an MMP

MMPs such as Airbridge provides fraud detection and protection services that prevents your app from experiencing malware attacks like click hijacking. With Airbridge, you can personalize your fraud protection rules to align them with your business’s needs and safety regulations.

Put these concepts into practice

See how Airbridge helps teams implement mobile attribution strategies at scale.

Related Glossary Terms

Expand your understanding with related concepts.

Get Started Free
View Case Studies

A/B Testing

A/B Testing, a cornerstone of performance marketing, is a methodical approach that compares two versions of a webpage or app to determine which one performs better.

Active User

An Active user refers to an individual who interacts with a digital product, such as a website, app, or online platform, within a specific timeframe.

Ad exchange

An ad exchange is a facilitator of buying and selling advertising inventory.

Ad inventory

Ad inventory is the available spaces for ads on a particular platform or medium.

Ad mediation

Ad mediation is a technology that allows multiple ad networks to be managed through a single SDK. Ad mediation platforms streamline the ad delivery process and maximize revenue, CPM, and fill rates for publishers.

Ad monetization

Ad monetization generates revenue from advertising on a website or mobile app.