Researcher warns of browser 'tabnapping'

The attack allows a browser tab to change from a trusted site to a malicious one while the user isn't looking, according to a Mozilla developer.

A Mozilla user interface specialist has published proof-of-concept code for a new phishing technique, which makes use of morphing browser tabs to trick people into giving away log-in information.

Traditional phishing techniques generally lead a user directly to a malicious Web page that impersonates a trusted page, such as an online banking log-in site, which can then harvest the user's log-in information.

The new technique, called "tabnapping" or "tabjacking," demonstrated by Mozilla Firefox creative lead Aza Raskin in a blog post earlier this week, leads a user to what appears to be a genuine site that delivers the content promised.

Read more of "Phishing attack uses tricky 'tabnapping' technique" at ZDNet UK.

About the author

Discuss Researcher warns of browser 'tabnapping'

Conversation powered by Livefyre

Show Comments Hide Comments