Tabnapping Scams Around the Corner?
scamdetect writes “User Interface specialist and creative lead on Mozilla’s Firefox browser Aza Raskin has outlined a brand new variant on ‘phishing’ attacks which he has christened ‘tabnapping.’ Traditionally, phishing has relied upon convincing users to click on a link in an email to take them to a fake website such as their bank, credit card issuer or email account. Once the user logs in to the fake site, their details are transmitted to the fraudster and the account is immediately compromised. Public awareness of phishing emails is now relatively high and most people know not to click on links in emails appearing to come from such organizations. Tabnapping relies on the user believing that it is impossible for the content of a tab to change while you’re not looking. You may click on a link in Twitter, Facebook, or a ‘sponsored link’ in Google which will load a genuine webpage that delivers the content it promises. If you then click away from that site, leaving it open in a tab whilst viewing another website, the content of the original tab will change to a fake log-in page impersonating one of the websites you visit most often…”