Comment by Too
6 months ago
This is just a variation of a trick that is as old as the internet. Most old attacks were using timing instead of double-clicking, usually by tricking the user to click on a bouncing monkey to win a price, instead hitting what was behind.
The real question is, how have browser vendors still not learned. Don't allow any clicks the first moments after a focus change.
If they implement that without an opt-out in the settings, even if buried deep, using the web as a 'power user' will become even more painful!