The Inquirer-Home

Mozilla expert warns of tab napping

Beware the tabs that bite and the claws that rend
Wed May 26 2010, 13:30

AN INSECURITY EXPERT on Mozilla's Firefox web browser team has warned about a form of phishing attack dubbed 'tab napping'.

Aza Raskin said that while traditional phishing relies on getting users to click through on a URL and reveal their user credentials it is now well known that only the terminally dim fall for it.

Tab napping works on the user's assumption that a tabbed web page stays the same when other Internet services are being accessed.

Raskin said that if a fake page 'updates' when the user isn't looking, when they return to the tab they will simply presume they left a web page open, and log in as normal.

Whenever you log into a website, regardless of whether or not you have tabs open in the browser, you should check the URL to make sure it is using a secure https:// address. "If the URL doesn't look right, or there's no padlock, close the tab, open a new one and enter the URL again," he said.

There's more here. µ

 

 

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Internet of Things at Christmas poll

Which smart device are you hoping Santa brings?