Secure site “Timed Out” ? Beware of “Tab Napping” !

While logging in to my emails today I spotted a news item which highlighted a new, very sneaky form of phishing…. “Tab Napping“.

From the original Yahoo Finance article I read…

How does it work? By replacing an inactive browser tab with a fake page set up specifically to obtain your personal data – without you even realising it has happened.

Believe it or not, fraudsters can actually detect when a tab has been left inactive for a while, and spy on your browser history to find out which websites you regularly visit, and therefore which pages to fake.

So don’t assume that after you have opened a new tab and visited a web page, that web page will stay the same even if you don’t return to it for a time while you use other windows and tabs. Malicious code can replace the web page you opened with a fake version which looks virtually identical to the legitimate page you originally visited.

Two other articles, very similar to each other, can be found by following these links….

http://www.pcworld.com/article/197172/Tabnabbing.html?tk=rss_news

http://www.eweek.com/c/a/Security/Tabnapping-Attack-on-Web-Browsers-Makes-Phishing-Easy-673653/

Take care !

Advertisements
%d bloggers like this: