Saturday, 29 May 2010

Phishing and Tabnapping

Many of us have heard about phishing where a user is shown a web page that looks like a known/trusted one but is in fact not. Thus fraudsters can gain login information from unsuspecting users. Now there is an advancement (if I can say so) in the sophistication of such attacks. A researcher has recently done something called tabnapping where a malicious tab impersonates an open genuine tab (just in case there is someone not aware of what a tab is - today all browsers, I think, allow the user to open multiple web pages within one single window, each web page opens in a separate tab).

For more information refer to this.

No comments: