diff --git a/tools/walletextension/frontend/src/components/head-seo.tsx b/tools/walletextension/frontend/src/components/head-seo.tsx
index fa3af3f4ea..26a475374a 100644
--- a/tools/walletextension/frontend/src/components/head-seo.tsx
+++ b/tools/walletextension/frontend/src/components/head-seo.tsx
@@ -21,8 +21,14 @@ const HeadSeo = ({
       {/* Beagle Security */}
       <meta
         name="_vgeujvlkxz15hyr8vbuvqxnfmzlkm059"
+        // @ts-ignore
         signature="_vd3udx2g2hfn9zclob5cat43b94q7fyk"
       ></meta>
+      {/* SECURITY: to prevent the page from being loaded in an iFrame */}
+      <meta http-equiv="X-Frame-Options" content="deny"></meta>
+      {/* to indicate the browser shouldn't interpret the response as something other than the specified content type */}
+      <meta http-equiv="X-Content-Type-Options" content="nosniff"></meta>
+      {/* The Content-Security-Policy header is used to prevent a wide range of attacks, including Cross-Site Scripting (XSS) and other cross-site injections. */}
       {/* twitter metadata */}
       <meta name="twitter:card" content="summary_large_image" />
       <meta name="twitter:site" content={siteMetadata.twitterHandle} />