A new method of phishing has just surfaced that is a lot trickier to identify than a regular phishing scheme. It’s called tabnabbing, and the way it works is by tricking the user through opening a new tab in your browser with a phishing website.
The basic idea here is that a user will open a link that will take them to an ordinary looking page. Then the user will perhaps switch tabs temporarily to look at another website, and when they try to switch back to the original page, that page will be replaced with a phishing website. The phishing websites are usually disguised as normal sites like the Gmail login page or other e-mail logins. The URL will still point to the original web address, but the page displayed will be a fake Gmail page that will harvest your log in information and send it to the hacker.
It’s not that this phishing scam is particularly high tech- it’s just sneaky. It’s always important to be vigilent when navigating online. If you don’t know why the Gmail login page randomly popped up in your tabs, you shouldn’t type in your personal information and login. Make sure that whenever you are entering sensitive information onto a page, such as passwords or credit card numbers, that you have the correct URL address, even if you have already had the page open from before.
(Via Aza Raskin on Vimeo)