Researcher warns of browser 'tabnapping'

The attack allows a browser tab to change from a trusted site to a malicious one while the user isn't looking, according to a Mozilla developer.

A Mozilla user interface specialist has published proof-of-concept code for a new phishing technique, which makes use of morphing browser tabs to trick people into giving away log-in information.

Traditional phishing techniques generally lead a user directly to a malicious Web page that impersonates a trusted page, such as an online banking log-in site, which can then harvest the user's log-in information.

The new technique, called "tabnapping" or "tabjacking," demonstrated by Mozilla Firefox creative lead Aza Raskin in a blog post earlier this week, leads a user to what appears to be a genuine site that delivers the content promised.

Read more of "Phishing attack uses tricky 'tabnapping' technique" at ZDNet UK.

About the author
 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
Uber's tumultuous ups and downs in 2014 (pictures)
The best and worst quotes of 2014 (pictures)
A roomy range from LG (pictures)
This plain GE range has all of the essentials (pictures)
Sony's 'Interview' heard 'round the world (pictures)
Google Lunar XPrize: Testing Astrobotic's rover on the rocks (pictures)