Researcher warns of browser 'tabnapping'
The attack allows a browser tab to change from a trusted site to a malicious one while the user isn't looking, according to a Mozilla developer.
A Mozilla user interface specialist has published proof-of-concept code for a new phishing technique, which makes use of morphing browser tabs to trick people into giving away log-in information.
Traditional phishing techniques generally lead a user directly to a malicious Web page that impersonates a trusted page, such as an online banking log-in site, which can then harvest the user's log-in information.
The new technique, called "tabnapping" or "tabjacking," demonstrated by Mozilla Firefox creative lead Aza Raskin in a blog post earlier this week, leads a user to what appears to be a genuine site that delivers the content promised.
Read more of "Phishing attack uses tricky 'tabnapping' technique" at ZDNet UK.