AN INSECURITY EXPERT on Mozilla's Firefox web browser team has warned about a form of phishing attack dubbed 'tab napping'.
Aza Raskin said that while traditional phishing relies on getting users to click through on a URL and reveal their user credentials it is now well known that only the terminally dim fall for it.
Tab napping works on the user's assumption that a tabbed web page stays the same when other Internet services are being accessed.
Raskin said that if a fake page 'updates' when the user isn't looking, when they return to the tab they will simply presume they left a web page open, and log in as normal.
Whenever you log into a website, regardless of whether or not you have tabs open in the browser, you should check the URL to make sure it is using a secure https:// address. "If the URL doesn't look right, or there's no padlock, close the tab, open a new one and enter the URL again," he said.
There's more here. µ