Tabnapping: New Phishing Attack

By: Absolute Team | 6/4/2010

There's a new kind of phishing attack on the rise, and it's called tabnapping.

What is tabnapping?
You click a genuine link to load a genuine website. You then click away from that website into another tab. The content of the original tab is changed to a fake site, most often a login screen to a common site like Facebook or Gmail. You, later returning to that tab, assume it's real and log in. Because you probably have many tabs open, you most likely won't realize this tab is not what you left it as.

Here's a video that explains tabnapping:

A New Type of Phishing Attack from Aza Raskin on Vimeo.

As the video explains, you now need to be wary of all your tabs and how they can be "taken over". Always be sure to check the URL of the tab to make sure that Gmail really is and not some rogue website.

Via ZDNet UK, Computerworld, Scam Detectives

Financial Services