• RSS
  • Twitter
  • FaceBook

Deb Shinder’s Blog RSS

All Blogs  »  Deb Shinder's Blog  »  Microsoft Security Space  »  Blog article: What is tabnabbing?

What is tabnabbing?

Just when you thought you’d heard about every type of attack known to man, along comes another. This one is called “tabnabbing” and as you might guess, it’s a browser-based attack. It’s actually a variation of phishing, whereby the malicious site takes advantage of multi-taskers who have multiple tabs open to change the content in an open tag that has lost focus. The point is to get the user to click the tab and type in his or her logon information, which the attacker collects and uses. Interesting, Firefox is said to be most vulnerable to this.

Read more here:

http://searchbliss-webmaster.blogspot.com/2010/05/...k.html

This entry was posted on Sunday, May 30th, 2010 at 6:21 pm and is filed under Microsoft Security Space. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “What is tabnabbing?”

  1. How to stop Tabnabbing Says:

    June 13th, 2010 at 1:49 pm

    Even with firefox I’ve even tried it without changing tabs and it also does it - so it’s doubly dangerous.

    If you select a different window on the desktop (but NOT change tabs in the browser) the script still detect this and does the page-switch.

    Very intruiging. So simple as well. In pursuit to stop it at http://www.howtostoptabnabbing.com

    It’s a concern how the less savvy are going to treat (or be treated by tabnabbing)

    Ian

Leave a Reply


Receive all the latest articles by email!

Receive Real-Time & Monthly WindowSecurity.com article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become a WindowSecurity.com member!

Discuss your security issues with thousands of other network security experts. Click here to join!

Community Area

Log in | Register