Tabnapping Web Browser Attack Makes Phishing Easy

Wednesday May 26th 2010 by Staff

Mozilla staffer shows how criminals could change an open browser tab into a phishing site.

eWeek: If you leave multiple tabs open while browsing, you could be leaving yourself open to a new type of phishing attack known as "tabnapping." Discovered by Mozilla's Aza Raskin, the scam works like this: First, the user visits a compromised Web site. Malware from that site determines which sites the user often visits (Gmail, Citibank, etc.). It then changes one of the browser tabs that is open but not currently in use into a fake version of one of those sites. When the user clicks on the tab and enters login credentials, the criminals can then steal the information.

The technique works on all major browsers on both Windows and OS X.
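The behaviour described above, a tab being rewritten while it is not in use, can be checked for by comparing what a tab looked like when it was hidden with what it looks like when the user returns. The following is an added example, not code from Raskin or the article; the snapshot fields, the alert rule and the sample data are assumptions made for illustration.

```javascript
// Added defensive sketch. Snapshot fields are assumptions of this example;
// in a browser they would be captured on `visibilitychange` events.
const IDENTITY_FIELDS = ["title", "iconHref", "hasPasswordField"];

// Return the identity fields that differ between two snapshots.
function changedFields(before, after) {
  return IDENTITY_FIELDS.filter((k) => before[k] !== after[k]);
}

// Walk an ordered event log for one tab and report suspicious background rewrites.
// events: [{ type: "hidden" | "visible", at: <ms>, snapshot: {...} }]
function reviewTabEvents(events) {
  const alerts = [];
  let atHide = null;
  for (const ev of events) {
    if (ev.type === "hidden") {
      atHide = ev;
    } else if (ev.type === "visible" && atHide) {
      const changed = changedFields(atHide.snapshot, ev.snapshot);
      const newLogin = !atHide.snapshot.hasPasswordField && ev.snapshot.hasPasswordField;
      const rebranded = changed.includes("title") && changed.includes("iconHref");
      // A title-only change (e.g. an unread counter) is normal and is ignored.
      if (newLogin || rebranded) {
        alerts.push({ hiddenForMs: ev.at - atHide.at, changed, newLogin });
      }
      atHide = null;
    }
  }
  return alerts;
}

// Constructed sample data: two tabs, each hidden and then revisited.
const benignTab = [
  { type: "hidden", at: 0, snapshot: { title: "Inbox", iconHref: "/mail.ico", hasPasswordField: false } },
  { type: "visible", at: 60000, snapshot: { title: "(2) Inbox", iconHref: "/mail.ico", hasPasswordField: false } },
];
const rewrittenTab = [
  { type: "hidden", at: 0, snapshot: { title: "Recipe blog", iconHref: "/blog.ico", hasPasswordField: false } },
  { type: "visible", at: 180000, snapshot: { title: "Example Mail - Sign in", iconHref: "/fake-mail.ico", hasPasswordField: true } },
];

console.log(reviewTabEvents(benignTab));    // no alerts
console.log(reviewTabEvents(rewrittenTab)); // one alert
```

The address bar is not part of the snapshot because the rewritten tab keeps the original site's URL, which is also the simplest thing for a user to check before typing credentials.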

