Doublecickjacking Hack double click on account acquisitions
Today, double click on a website without thinking that you can configure it for hackers to get to your information.
A new piracy trick called “DoubleClickjacking” converts its ordinary action into a cunning way so that the attackers take control of their account or change the configuration of their device.
We are going to break it down.
Stay protected and informed! Get security alerts and expert technology advice: register in the Kurt Cyberguy report now
Illustration of an individual who is being scammed. (Kurt “Cyberguy” Knutsson)
What is Doublecickjacking?
Doublekjacking is a new turn in an old piracy trick known as clickjacking. Normally, clickjacking works hiding malicious buttons under the real ones, so when you think you are clicking on something harmless, you are actually giving permission for something dangerous. With Doublecickjacking, he takes things one step further. It is activated when double clicking, allowing computer pirates to sneak into an additional and invisible command. Your first click can do something normal. The second click? That’s where the damage occurs.
What is artificial intelligence (AI)?
An illustration of a hacker at work. (Kurt “Cyberguy” Knutsson)
Get the News business on the fly by clicking here
Why is it a threat?
The terrifying part is how invisible this trick is. Double click is something that we all do automatically, often without thinking twice. But that simple action could be to give permission to computer pirates for:
- Access your web or microphone
- Change your browser settings
- Click “Allow” in a hidden emerging window
- Share your location
- Approve a login, payment or even a cryptographic transaction
What makes Doublecickjacking especially dangerous is that most websites were not designed to defend themselves. Traditional security characteristics generally protect against a single click, but often fail when a second click is involved. That small detail opens the door to the attackers to avoid protective layers.
This trick does not only affect websites either. You can also interfere with browser extensions such as cryptographic and VPN wallets, sometimes cheating on users to approve actions or protection output without realizing it. In mobile devices, a simple double touch can activate the same effect. To make things worse, this vulnerability is more widespread than one would expect. Many known websites have not yet fixed it. All that is needed is a fast double click in the wrong place, and without knowing it, you could give access to sensitive parts of your device.
Malware exposes 3.9 billion passwords in a great threat of cybersecurity
How does Doublecickjacking work?
Here is a simplified version of how the trick develops. A malicious website in silence invisible elements behind or on the visible, such as an integrated frame, a hidden button or emerging window disguised. On its first click, the attacker uses that action to reposition those hidden elements so that their next click lands exactly where they want. In his second click, without knowing it, he interacts with the hidden content. You may click “Allow” in the permission of a browser, authorize a login or disable a configuration, without ever realizing. Because modern browsers are fast, all this happens in a second fraction. All configuration and switch are practically invisible to the user. From your perspective, you feel like a normal double click.
Image of the security function on a computer. (Kurt “Cyberguy” Knutsson)
New Phishing Scam Outsmarts Security Codes to steal your information
How to protect yourself
Bubleckjacking can be cunning, but there are simple ways to stay safer online. Here are some practical steps that you can take right now:
1. Be careful to double click on unknown websites: It may sound obvious, but most of us click (and double click). If a site asks you to double anything, especially for login, permission or download, ask yourself if it is really necessary. Computer pirates hope you act quickly without thinking.
2. Keep your updated browser: Navigators such as Chrome, Edge and Safari regularly release patches for these vulnerabilities. That means delaying updates could leave it exposed to tricks like DoubleClickjacking. Turn on automatic updates if possible, or make sure you keep up to date with updates so that you are always protected.
3. Use strong antivirus software: Navigator -based tools and extensions can help block hidden or malicious scripts before they are executed, but are not infallible. The best way to safeguard the malicious links that install malware, which potentially access their private information, is to have strong antivirus software installed on all its devices. This protection can also alert it to the PHISHING Electronic Correos and Ransomware scams, maintaining their personal information and their safe digital assets. Get my elections for the best antivirus protection winners 2025 for your Windows, Mac, Android and iOS devices.
4. Use strong and unique passwords for each account: Do not reuse passwords. If an account is committed, computer pirates can use it to access their other accounts. A password administrator helps him create and store safe passwords effortlessly. Get more details about me The best password administrators reviewed by experts from 2025 here.
5. Limit unnecessary permits: Take control of your privacy by reviewing which websites have access to your camera, microphone and location. Many sites request these default permits, even when they do not need them. Go to the privacy settings of your browser and revoke access from anywhere you do not trust. For example, here is a guide on How to navigate Google’s privacy settings.
6. Avoid incomplete sites and emerging windows: If a website looks outdated, spam or aggressively pushes it to click something, get out of there. Avoid downloading random files and does not trust emerging windows that claim that you have won something, you need to “fix” your device or “check” your login information.
Windows Defender Security Center scam: How to protect your computer from false emerging windows
Kurt’s Key Takeways
Doublekjacking is a new smart turn in a classic piracy trick that allows cybercriminals to take control over their device or account, only from a simple simple click. Because this type of attack is almost invisible and works in popular browsers, it is important to stay alert. Always be careful when interacting with unknown websites, especially if you are asked to double click. Keeping your updated browser and limiting unnecessary permits can be very useful to reduce your risk. The most important thing is that having adequate digital protection tools can help stop these types of threats before reaching you.
Have you noticed strange behavior after double clicking on a site or having a close call with a scam? Get us knowing in Cyberguy.com/contact
Click here to get the News application
To obtain more technological tips and safety alerts, subscribe to my free Cyberguy Report newsletter when you head Cyberguy.com/newsletter
Ask Kurt or tell us what stories you would like us to cover.
Follow Kurt in his social channels:
- YouTube
Answers to the most informed Cyberguys questions:
- What is the best way to protect your MAC devices, Windows, iPhone and Android to be pirate?
- What is the best way to stay private, safe and anonymous while navigating the web?
- How can I get rid of robocalls with data elimination applications and services?
- How do I eliminate my private internet data?
New Kurt:
- Try the new Cyberguy games (crosswords, words searches, trivia and more!)
- Cyberguy exclusive coupons and offers
Copyright 2025 Cyberguy.com. All rights reserved.
Kurt “Cyberguy” Knutsson is a award -winning technological journalist who has a deep love for technology, equipment and devices that improve life with their contributions for News & News Business Startzing Mornings in “News & Friends”. Do you have a technological question? Get the free Kurt’s free newsletter, share your voice, an idea of the story or comment on Cyberguy.com.