basically, thanks to the power of the modern internet browsers a website is able to have layers. these layers can be set to different levels of visibility and accessability. so what happens is they will hide one page below a different page and by lining up the click buttons they can trick you into giving up your myspace page, your email account, your bank login, etc. this clearly needs to stopped, so how do you protect yourself against it? there are two ways this can be prevented, server side and client side solutions. server side solutions tend to be a code that blocks the site from being used in frames, but this is only a partial solution since there are ways of doing clickjacking without using frames. client side solutions are absolute, but there is only one that i know of so far. if you are using ie, chrome, or safarie, good luck to ya, be careful what you click on. if you are using firefox you can install the plugin noscript which will protect you against this attack. be aware that noscript will by default disable all javascript and flash on nearly every website. what i did and recommend is that you go into the settings for it and enable scripting globally (bottom of the general tab) but keep the "clear click protection" which is what blocks the clickjacking attack (bottom of plugins tab).

clickjacking example
clickjacking wikipedia article
steve gibson, security expert, and leo laport discuss clickjacking
get firefox
get noscript for firefox