Tabnabbing is a computer exploit and phishing attack, which persuades users to submit their login details and passwords to popular websites by impersonating those sites and convincing the user that the site is genuine. The attack’s name was coined in early 2010 by Aza Raskin, a security researcher and design expert.
At least that is what Wikipedia is telling. But what is now actual tab nabbing. Okay, you see the work connection with kid nabbing. But it is actual the following what is done.
When you have opened many links in a browser then someone place a script in his browser that actual checks what is open. And without that you know it change the layout from a open tab with the content copy of that website that they want to attack. For example:
You have somewhere Facebook open. You visit some website with the script installed. It will change the Facebook o that page, but it still looks like the Facebook page. But only telling that you need to login again. You provide login details. And get a error. Attack script send login details to its own website. And collect it, and you get send back to Original Facebook page. You will probably not know it, until it is too late.
How to prevent Tabnabbing.
That is actual pretty simple. Here are some rules to prevent Tabnabbing:
- Check always the URL before entering information of a website.
- Be sure that you close the tabs that you do not need. (Also saves you memory, so your computer will not slow down)
- Want to be really sure, then always start with a NEW link. And do NOT use a old open link.
If you have questions, or want to tell more, then just place a comment !