What is the name of the attack that uses a transparent frame to overlay content and trick a user into interacting with a hidden element?

Multiple Choice

Explanation:
Clickjacking is a UI redress attack where an attacker places a transparent or hidden frame over a legitimate web page element. The user thinks they’re clicking visible controls, but the click actually targets controls inside the overlaid frame. This tricks the user into performing actions they didn’t intend, such as clicking a hidden button, approving a transaction, or following a link. The key idea is to deceive the user by layering content so that the real target is invisible or obscured.

Other options don’t fit because they describe different attack vectors: phishing uses deceptive messages to lure credentials, dumpster diving is about rummaging through trash for sensitive data, and pharming redirects users to malicious sites by compromising DNS. Defenses against clickjacking include framing protections such as the X-Frame-Options header or the Content-Security-Policy frame-ancestors directive, frame-busting scripts, and requiring clear, independent user confirmation for sensitive actions.

