Facebook Hacking | Hacking Tools | Facebook Hacking Tool | Twitter Hacking | Crash Website | Hack Gmail Account
Home / Phishing / Tab napping | A new technique of phishing

Tab napping | A new technique of phishing

Posted by Deepanker Verma Sunday, November 7, 2010 0 comments


In traditional phishing, attacker by email or by any other way sent the phishing page url to the victim which looks like the original login page. But now a days attacker got a new way of phishing. This new way is called TAB NAPPING. 
Tab Napping works on the user's assumption that a tabbed web page stays the same when other Internet services are being accessed.Tab napping is more sophisticated than the traditional phishing and it no longer relies on persuading you to click on a link. Instead it targets internet users who open lots of tabs on their browser at the same time.



How does it work:- 
By replacing an inactive browser tab with a fake page to obtain your personal data - without you even realising it has happened.Fraudsters can actually detect when a tab has been left inactive for a while, and spy on your browser history to find out which websites you regularly visit, and therefore which pages to fake.
So don't assume that after you have opened a new tab and visited a web page, that web page will stay the same even if you don’t return to it for a time while you use other windows and tabs. Malicious code can replace the web page you opened with a fake version which looks virtually identical to the legitimate page you originally visited.


How To Detect And Protect Yourself From Tab Napping

Here are the simple and easy steps with which you can detect this new phishing technique “Tab Napping”.

1. Don’t open another tab when your are working with your banking site or any other secure businesswebsite instead open new windows using CTRL+N.
2. Always check the url address of the website if you return from another tab.(Fake page will have differentUrl)
3. Check that the url has secure address “https:// “ or a big green bar in front of the url in address bar which certifies that it is secure and certified website.
4. If you find anything suspicious close the tab and type and open the website in new Tab.
Categories: , ,

If You Like This Post, Share it With Your Friends


Subscribe us to receive free updates in your inbox:


0 comments:

Post a Comment

Featured FREE Resource:
X




Security Tools

Loading...
Share
Get This

About Me

My Photo
Deepanker Verma
I am Deepanker Verma. A computer geek, Security researcher blogger and software developer. I have deep interest and Information security and web development and try to learn new things. you will see my blogs on hackingtricks, TechlomediaWebtips and Usethistip.

I was also honoured by Apple, Ebay, Symantec, PandaSecurity and various other computer software giants for my security work for their company. I also contribute on some opensource projects regularly.

I also own a web app called NoteDIP that allows users to send self-destructive messages with password protection.

You can add me to circles to get my daily tips :)

View my complete profile

Partners

Blog Archive

Copyright © Hacking Tricks. All rights reserved. Blogger template designed by BLog Bamz