Researcher warns of browser 'tabnapping'

The attack allows a browser tab to change from a trusted site to a malicious one while the user isn't looking, according to a Mozilla developer.

Matthew Broersma Special to CNET News

A Mozilla user interface specialist has published proof-of-concept code for a new phishing technique, which makes use of morphing browser tabs to trick people into giving away log-in information.

Traditional phishing techniques generally lead a user directly to a malicious Web page that impersonates a trusted page, such as an online banking log-in site, which can then harvest the user's log-in information.

The new technique, called "tabnapping" or "tabjacking," demonstrated by Mozilla Firefox creative lead Aza Raskin in a blog post earlier this week, leads a user to what appears to be a genuine site that delivers the content promised.

Read more of "Phishing attack uses tricky 'tabnapping' technique" at ZDNet UK.