An insecurity expert on Mozilla's Firefox web browser team has warned about a form of an advansed phishing attack also known as 'tab napping'.
- WAT IS TAB NAPPING?
Unlike the traditional
phishing that relies on getting users to click through on a URL that
redirect to the phishing site and reveal their user credential, Tab
napping relies on a fact that most people use tabbed browsing (Openning
multiple tabs while browsing)
- HOW DOES TAB NAPPING WORK?.
During a tab napping attack, One of the inactive tabs is replaced by a phishing page without the user's knowladge. For
example one of your inactive tab in which you have opened your facebook
account will be automatically replaced with the phishing login page
that looks exactly like that of facebook and you will be asked to enter
your Username and password. Once these details are entered, they will be
sent to the hacker & you will be redirected to the Original
facebook
- HOW TO PREVENT THIS ATTACK?
Tab
napping always takes advantage the user's assumption that a tabbed web
page stays the same when other Internet services are being accessed.
Therefore to protect yourself from this type of an attack, you always
have to;
- Log out & close the tab when it is unusable
- Always Check the url when returning from another tab, make sure it is on secure connection (https://site.com)
- Close & open a new tab if u notice anything unussual about the url
- Format the habit of openning multiple tabs unnecessarily when browsing the web