Researcher warns of browser 'tabnapping'

The attack allows a browser tab to change from a trusted site to a malicious one while the user isn't looking, according to a Mozilla developer.

A Mozilla user interface specialist has published proof-of-concept code for a new phishing technique, which makes use of morphing browser tabs to trick people into giving away log-in information.

Traditional phishing techniques generally lead a user directly to a malicious Web page that impersonates a trusted page, such as an online banking log-in site, which can then harvest the user's log-in information.

The new technique, called "tabnapping" or "tabjacking," demonstrated by Mozilla Firefox creative lead Aza Raskin in a blog post earlier this week, leads a user to what appears to be a genuine site that delivers the content promised.

Read more of "Phishing attack uses tricky 'tabnapping' technique" at ZDNet UK.


Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET


Love heavy and clunky tablets?

Said no one ever. CNET brings you the lightest and thinnest tablets on the market.