New Type of Phishing Attack Goes After Your Browser Tabs

tabnabbing-phishing gbuzz-feed.png

Aza Raskin, the creative lead for Firefox, has just posted about a new type of potential phishing attack, dubbed “tabnabbing.” Raskin has a proof-of-concept and an explanation for how this type of attack could work.

Tabnabbing operates in reverse of most phishing attacks in that it doesn’t ask users to click on a obfuscated link but instead loads a fake page in one of the open tabs in your browser.

Check out this tabnabbing scenario:

  • You have a bunch of open tabs in your web browser, an e-mail page, Facebook, your bank account and maybe a bunch of news sites.
  • While you’re reading your favorite content, the attack is able to hone in on tabs that haven’t been used or aren’t in focus and replace the favicon (the icon in your tab bar) and the title of the tab.
  • When you click on that tab, a fake page is loaded in its place, maybe it is loaded to look like a standard login page.
  • Because you already had this tab open legitimately before, you don’t bother paying any attention to the URL in the address bar and you enter in your login information.
  • You’ve just sent your info to a nefarious third party.

Raskin shows off how this works in this video:

Pretty scary, right? Raskin details some methods that could make this sort of attack even more insidious, including checking to see if a user is currently logged in or out of a certain site in order to better offer up a believable fake page.

How would this attack get on your system to begin with, you might ask? Plugins and add-ons are the most common way that intruders can gain access to your system. Client-side script injections by way of JavaScript, Flash, ActiveX and so on are responsible for many browser attacks. This is just one more reason to always make sure you’re using an up-to-date web browser.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: