“Tabnabbing” is the new term in the directory of phishing attacks says Aza Raskin who is the creative lead at Firefox. It is one of the phishing attacks which work in the reverse way by not asking the user to click on anything but it would automatically open one of the fake pages in the inactive tabs of the browser. Let us consider that the user is working with multiple tabs open and few of the tabs are inactive for a long time. At this point of time, the phishing attack can take place which can change the address of the page to some other fake address. But, the page would seem to be more or less like a login page, very much similar to the ones that were opened by the user. It is an obvious reaction that when the login page is upfront, the user would enter his credentials and there fore the information is lost to the fake pages.
If one is wondering how this deadly phishing attack can enter one’s system then here is the explanation. Many websites have their own toolbars and plug-ins which would get attached to the browser. These plug-ins and add ones can be dangerous and they might lead to deadly attacks of this sort. Other client end scripts such as Java-script, ActiveX plug-ins and Flash plug-ins are also vulnerable. Raskin also says that this deadly attack can be more vicious as it is capable of making more analysis of the user browser caches and determine whether they are logged in or logged off the session so that the user do not get any doubt about the fake page.
Raskin has also launched a video to help users understand the working of the virus and that the users can also work on controlling the phishing attack through certain means. To avoid information breach the user should be more careful while entering the user credentials in the website. Most of the users do not look at the address bar and start entering the user credentials which can be very much fatal. The use of the password manager tools embedded with the Firefox will be very useful. Another tool which can be used is 1password. These tools match the website and the user credentials which are stored in the database and then let the user to get into the site. If the DNS of the website is not matching with the database they password manager would send alerts to the user.
With the help of muscle memory mode, it is possible to replicate the same address as it is stored in the database. Most hackers try to employ this type of mechanism to ensure that the users provide their information. It is always better to have a check over location tab when entering an important website. Bank credentials should be entered with a lot of care and the page should be secured while entering the information. When choosing to have plug-ins and add ones, it is best to check the source before adding the plug-ins. The plug-ins from the trusted sources is less prone to vulnerability.
That is scary. I have to remember which tab or site was opened.