Tabnabbing

Tabnabbing Definition
Tabnabbing is a type of phishing attack that changes the appearance of a web page that is already open in an inactive browser tab. While the user is looking at a different tab, the page rewrites its own contents to resemble another site's login screen. The goal is to trick the user into entering login credentials or other personal information into the fraudulent page when they return to the tab.
How Tabnabbing Works
Tabnabbing exploits inactive browser tabs that remain open while a user is viewing other pages. It typically starts with the user opening a web page from an email or a search engine result. The page initially looks harmless, making the user more likely to leave it open in the background.
When the user switches to another tab, the page runs scripts that change its contents, its tab title and icon, and its thumbnail. The rewritten page usually imitates the login page of a different site, such as a social network or email provider, and may display a message saying the session has expired to prompt the user to log in again.
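The behaviour just described leaves a recognisable trace on the defender's side: the tab's title, icon and page contents change while the tab is hidden, and a credential form appears that was not there before. The following is an added example, not code from the original page, showing a heuristic that flags that pattern. It runs over a constructed, pre-recorded stream of tab events of the kind a browser extension could collect (visibility changes, title and favicon changes, forms added to the page), so it runs offline in Node; the event shapes and the decision rule are assumptions made for this illustration.

```javascript
// Added example (not from the original page): flag a tab whose page turned
// itself into a login screen while hidden. Event shapes and the decision rule
// are assumptions for illustration.

const LOGIN_WORDS = /sign in|log in|login|session (has )?expired|re-?authenticate/i;

// Evaluate one tab's ordered events. Returns { suspicious, reasons }.
function assessTab(events) {
  let hidden = false;
  let identityChangedWhileHidden = false; // title or favicon changed in the background
  let passwordFormWhileHidden = false;   // a password field was inserted in the background
  const reasons = [];

  for (const ev of events) {
    if (ev.type === 'visibility') {
      hidden = ev.state === 'hidden';
      continue;
    }
    // Changes made while the user is looking at the tab are ordinary behaviour.
    if (!hidden) continue;

    if (ev.type === 'title') {
      // Unread counters such as "(3) Inbox" also change titles in the background,
      // so a title change on its own is only a weak signal.
      identityChangedWhileHidden = true;
      reasons.push(LOGIN_WORDS.test(ev.title)
        ? `title changed to a login prompt while hidden: "${ev.title}"`
        : 'title changed while hidden');
    } else if (ev.type === 'favicon') {
      identityChangedWhileHidden = true;
      reasons.push('favicon replaced while hidden');
    } else if (ev.type === 'form-added' && ev.hasPasswordField) {
      passwordFormWhileHidden = true;
      reasons.push('password form inserted into the page while hidden');
    }
  }

  // Decision rule: a credential form appearing while the tab was hidden,
  // together with a change of the tab's visible identity, is the tabnabbing
  // signature. Either signal alone is too common to act on.
  return { suspicious: identityChangedWhileHidden && passwordFormWhileHidden, reasons };
}

// Constructed sample: a mail tab that only updates its unread count.
const benignTab = [
  { type: 'visibility', state: 'hidden' },
  { type: 'title', title: '(3) Inbox - Example Mail' },
  { type: 'visibility', state: 'visible' },
];

// Constructed sample: the behaviour described in the text.
const nabbedTab = [
  { type: 'visibility', state: 'hidden' },
  { type: 'title', title: 'Session expired - Sign in to Example Mail' },
  { type: 'favicon', href: 'https://cdn.example-lookalike.test/mail.ico' },
  { type: 'form-added', hasPasswordField: true },
  { type: 'visibility', state: 'visible' },
];

// Constructed sample: a password form added only after the user returns is not flagged.
const lateFormTab = [
  { type: 'visibility', state: 'hidden' },
  { type: 'title', title: 'Welcome back' },
  { type: 'visibility', state: 'visible' },
  { type: 'form-added', hasPasswordField: true },
];

for (const [name, events] of [['benign', benignTab], ['nabbed', nabbedTab], ['late form', lateFormTab]]) {
  console.log(name, assessTab(events));
}
```

Requiring both signals keeps ordinary background behaviour (notification counters, live title updates) from producing alerts; a practical deployment would tune the rule and surface the reasons to the user rather than silently blocking.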
Detecting and Defending Against Tabnabbing
- Inspect the URL and verify that the address bar matches the expected site. Pay attention to misspellings, extra characters, or look-alike characters in the domain name, which are signs of a homograph attack.
- Close pages that appear suddenly and look like unfamiliar sites.
- Open a new tab and manually go to the site that the suspicious tab claims to be.
- Close idle tabs regularly. Keeping the number of open tabs to a minimum makes it easier to notice if a tab’s behavior suddenly changes.
- Enable two-factor authentication. Protecting accounts with a second authentication factor limits the damage if a password is phished.
- Keep the browser up-to-date. Updating the browser applies the latest security patches, which can include anti-spoofing measures to prevent tabnabbing.
- Use a password manager. It recognizes fake login pages because it only offers to auto-fill a password on the site it was saved for; if it does not offer to fill, the page is not the one it claims to be.
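Two of the checks above, the manual URL inspection and the password manager's refusal to fill on the wrong site, come down to comparing the page's origin and hostname against what is expected. The following is an added example, not code from the original page or from any password manager, that models both checks in Node. The saved-credential shape and the exact-origin rule are assumptions (some managers also accept any host under the same registrable domain); the sample URLs are constructed.

```javascript
// Added example (not from the original page): origin matching as a password
// manager applies it, and hostname inspection as a user would do it by hand.
// The credential shape and exact-origin rule are assumptions.

// A saved credential, as a password manager might store it (constructed).
const savedCredential = { origin: 'https://mail.example.com', username: 'alice' };

// Offer to fill only when the page's origin (scheme, host and port) is exactly
// the one the credential was saved for and the connection is HTTPS.
// An unparseable URL never matches.
function shouldAutofill(credential, pageUrl) {
  let page;
  try {
    page = new URL(pageUrl);
  } catch {
    return false;
  }
  return page.protocol === 'https:' && page.origin === credential.origin;
}

// Address-bar inspection. Returns a list of findings; an empty list means the
// hostname is the expected site or one of its subdomains with ASCII-only labels.
function inspectHostname(pageUrl, expectedHost) {
  let host;
  try {
    // WHATWG URL parsing maps Unicode hostname labels to punycode ("xn--...").
    host = new URL(pageUrl).hostname;
  } catch {
    return ['URL does not parse'];
  }
  const findings = [];

  // Look-alike characters from other scripts survive as punycode labels.
  if (host.split('.').some(label => label.startsWith('xn--') || /[^\x00-\x7f]/.test(label))) {
    findings.push('internationalized label (possible homograph)');
  }

  // "mail.example.com.evil-login.test" contains the expected name but is a
  // different domain: only a suffix match counts.
  if (host !== expectedHost && !host.endsWith('.' + expectedHost)) {
    findings.push(host.includes(expectedHost)
      ? 'expected site name embedded in a different domain'
      : 'hostname does not match the expected site');
  }
  return findings;
}

// Constructed sample pages.
const samples = [
  'https://mail.example.com/login',
  'http://mail.example.com/login',
  'https://mail.example.com.evil-login.test/login',
  'https://ex\u0430mple.com/login', // Cyrillic "а" (U+0430) in place of Latin "a"
];

for (const url of samples) {
  console.log(url, '-> autofill:', shouldAutofill(savedCredential, url),
    'findings:', inspectHostname(url, 'example.com'));
}
```

The last sample is the homograph case from the first bullet: it reads as `example.com` when rendered, but the parsed hostname is a punycode label that matches nothing the password manager has saved, so the fill is refused and the inspection reports it.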
Read More
- What to Do If You Click on a Phishing Link?
- What Is a URL Redirection Attack?
- What Is an Impersonation Attack?
FAQ
No. Though both are phishing techniques, they work differently. A redirection attack sends the user to a different web page or website, often without their knowledge. Tabnabbing keeps the user in the existing browser tab and the same page, but rewrites that page's contents to imitate a trusted site.
Detecting a tabnabbing attack in real time is hard because the rewrite happens only after the user has switched to another tab. A reliable way to confirm one is to check the page's URL and contents carefully. Alternatively, open a new tab, manually go to the site being impersonated, and compare it with the suspicious tab.
Defending against tabnabbing generally comes down to recognizing and closing phishing pages without entering any information. Some browsers block certain kinds of scripts used in tabnabbing, and browser extensions are available that prevent them.
