New Phishing Threat PDF Print E-mail
New phishing attack manages to change the content of your tabs.

We've all come to terms with the fact that we could not possibly have won the UK Lottery (which we didn't enter) and that clicking on banking links in emails is Bad, but what about casually surfing the Internet with multiple tabs open? Unlike with other scams, there is no way the user can be blamed when one of these tabs magicly transforms into a scam that looks exactly like the page you were just visiting is there?

This horror is the new phishing reality, and it has a name: tabnabbing.

Users can fall prey to such a scam when they visit a site with a script that waits for a few minutes or hours, and then quietly changes both the content of the page and the icon and descriptor to something the user normally logs into: eg Google, Facebook, Online banking... The scam relies on the fact that the user will forget exactly what was open in which tab and enter in their details, making their account immediately vulnerable. The url in the address bar might not even change and the user may not even be aware of the scam as Firefox's Aza Raskin explains:

“When they click back to the fake Gmail tab, they’ll see the standard Gmail login page, assume they’ve been logged out, and provide their credentials to log in. After the user has enter they have entered their login information and sent it back your server, you redirect them to Gmail. Because they were never logged out in the first place, it will appear as if the login was successful.”
He provides an example and some more information here.

Experts recommend that users install some kind of script blocker (add-ons are available for most browsers) and remain aware at all times of what tabs they have open.




Comments (1)Add Comment
0
...
written by replica air king watches, July 30, 2010
Thank you for sharing such good experience.I also like to write such things in own blog. Our replica tonino lamborghini watches
are very good!

Add your 2Cents
You must be logged in to post a comment. Please register if you do not have an account yet.

busy

Related news items:
Newer news items:
Older news items:

 

Member Login


Archives

Online Users

0 users online