The Inquirer-Home

Mozilla expert warns of tab napping

Beware the tabs that bite and the claws that rend
Wed May 26 2010, 13:30

AN INSECURITY EXPERT on Mozilla's Firefox web browser team has warned about a form of phishing attack dubbed 'tab napping'.

Aza Raskin said that while traditional phishing relies on getting users to click through on a URL and reveal their user credentials it is now well known that only the terminally dim fall for it.

Tab napping works on the user's assumption that a tabbed web page stays the same when other Internet services are being accessed.

Raskin said that if a fake page 'updates' when the user isn't looking, when they return to the tab they will simply presume they left a web page open, and log in as normal.

Whenever you log into a website, regardless of whether or not you have tabs open in the browser, you should check the URL to make sure it is using a secure https:// address. "If the URL doesn't look right, or there's no padlock, close the tab, open a new one and enter the URL again," he said.

There's more here. µ




Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Microsoft's Windows 10 Preview has permission to watch your every move

Does Microsoft have the right to keylog users of its Windows 10 Technical Preview?