Hidden IFrame Hijackery Techniques

A list of nefarious tactics used to trick users into loading unwanted iframes.

1. The Classic Redirect

This involves setting the src attribute of an iframe to the same page it's on, but with a slightly different URL.

Read more about the Classic Redirect

2. The Framebusting Frame

A more aggressive approach that uses CSS to break out of the frame and load the real content.

See how to use the Framebusting Frame

3. The JavaScript Jockey

A sneaky method using JavaScript to load the content into an invisible iframe.

Learn more about the JavaScript Jockey