Click Hijacking

Click hijacking is a deceptive practice where user clicks are redirected to unintended actions or destinations.

Why it matters

Compromises user trust and experience.
Skews analytics and attribution data.

How to measure

Monitor unexpected click patterns.
Analyze discrepancies in conversion rates.

Details

Click hijacking occurs when a user's click is intercepted and redirected to a different action than intended. This can happen through malicious scripts or overlays that capture clicks meant for legitimate buttons or links. For mobile engineers, understanding click hijacking is crucial to maintaining app integrity and user trust. Growth teams should be aware of its impact on data accuracy, as it can lead to misattribution of user actions, affecting marketing strategies and ROI calculations.

To mitigate click hijacking, developers should implement robust security measures such as content security policies and regular code audits. Additionally, educating users about potential threats and encouraging them to report suspicious behavior can help in early detection and prevention.

Examples & formulas

An example of click hijacking is when a user clicks on a 'Download' button, but is instead redirected to an unrelated advertisement or phishing site.

Common mistakes

Ignoring security updates, which can leave apps vulnerable to hijacking.
Failing to monitor user behavior for anomalies, which can delay detection.