TAB NAPPING


An insecurity expert on Mozilla's Firefox web browser team has warned about a form of an advansed phishing attack also known as 'tab napping'.
  •  WAT IS TAB NAPPING?
  Unlike the traditional phishing that relies on getting users to click through on a URL that redirect to the phishing site and reveal their user credential, Tab napping relies on a fact that most people use tabbed browsing (Openning multiple tabs while browsing)
  • HOW DOES TAB NAPPING WORK?
During a tab napping attack, One of the inactive tabs is replaced by a phishing page without the user's knowladge. For example one of your inactive tab in which you have opened your facebook account will be automatically replaced with the phishing login page that looks exactly like that of facebook and you will be asked to enter your Username and password. Once these details are entered, they will be sent to the hacker & you will be redirected to the Original facebook
  •  HOW TO PREVENT THIS ATTACK?
Tab napping always takes advantage the user's assumption that a tabbed web page stays the same when other Internet services are being accessed. Therefore to protect yourself from this type of an attack, you always have to;
  1. Log out & close the tab when it is unusable
  2. Always Check the url when returning from another tab, make sure it is on secure connection (https://site.com)
  3. Close & open a new tab if u notice anything unussual about the url 
  4. Format the habit of openning multiple tabs unnecessarily when browsing the web

0 comments:

Click to view all comments:

Post a Comment

 
Copyright © 2011. Ethical Hacking Unleashed . All Rights Reserved.
Company Info | Contact Us | Privacy policy | Term of use | Widget | Advertise with Us | Site map
Template modify by Creating Website