Clickjacking poses serious risks, especially because the victim is unaware of their own actions. Some major threats include:

• Unauthorized Actions: Users may unknowingly “like” posts, follow accounts, or make purchases without intent.
• Credential Theft: Login buttons could redirect to phishing sites, stealing usernames and passwords.
• Access Control Abuse: Clicking could change security settings, authorize app access, or initiate harmful transactions.
• Malware Installation: Some clickjacking attacks can lead to the download and installation of malicious software.
• No Traceability: Since the user was genuinely authenticated and clicked the button, the action appears legitimate and can’t be easily reversed or traced.