Read more of this story at Slashdot.
Feeds
34730 items (30217 unread) in 5 feeds
OpenSource
(5766 unread)
-
SourceForge.net: Front page news
(802 unread)
-
Slashdot: IT (4964 unread)
Security
(11367 unread)
-
Digg / Security (11367 unread)
Linux
(13084 unread)
-
-
Slashdot: Linux (1660 unread)
Slashdot: IT
-
Tabnapping Scams Around the Corner?
Posted: May 25th, 2010, 2:54pm CEST by CmdrTaco
Tags: security
scamdetect writes "User Interface specialist and creative lead on Mozilla's Firefox browser Aza Raskin has outlined a brand new variant on 'phishing' attacks which he has christened 'tabnapping.' Traditionally, phishing has relied upon convincing users to click on a link in an email to take them to a fake website such as their bank, credit card issuer or email account. Once the user logs into the fake site, their details are transmitted to the fraudster and the account is immediately compromised. Public awareness of phishing emails is now relatively high and most people know not to click on links in emails appearing to come from such organizations. Tabnapping relies on the user believing that it is impossible for the content of a tab to change while you're not looking. You may click on a link in Twitter, Facebook, or a 'sponsored link' in Google which will load a genuine webpage that delivers the content it promises. If you then click away from that site, leaving it open in a tab whilst viewing another website, the content of the original tab will change to a fake log-in page impersonating one of the websites you visit most often ..."