Tabnabbing - New Phishing Attack

What is Tabnabbing?

It is a new type of computer exploit and phishing attack which induces users to type their login details and passwords for popular websites into pages that impersonate those sites, convincing the user that the site is genuine. The attack was first described in early 2010 by Aza Raskin, a security researcher and design expert. It takes advantage of users' trust in, and inattention to, the details of their browser tabs, and of the ability of modern web pages to rewrite a tab and its contents long after the page was first loaded.

Tabnabbing is a targeted attack: attackers look for weaknesses in HTML, scripts, image loading and the behaviour of individual web browsers. Techniques like these let an attacker infer which site a user is currently visiting, or which sites the user visits regularly.

Tabnabbing Scenario

Tabnabbing usually works in the following way:

  • A user opens a malicious website alongside multiple other tabs in the browser.
  • The malicious website runs a script that detects when its tab has become idle and inactive. This usually happens when the user is inattentive and the page is left unattended for some time.
  • Once that condition is met, the malicious script rewrites the whole web page in the tab where the malicious site was opened.
  • For example, the page can rewrite itself completely and instead display a fake page that looks identical to the Gmail login page.
  • To evade detection, the script can also change the title of the page shown in the tab, along with the favicon, the small image displayed to the left of the page title.
  • When the user returns to the open browser, he usually relies on the favicon and the page title to recognise which tabs he had open.
  • In this case, when the user comes back and looks at his browser, he sees what appears to be the Gmail login page open in one of the tabs. He may rely on the title and favicon and fail to notice other signs of the phishing attack.
  • If the user now enters his credentials into the fake Gmail page, the credentials and any other sensitive personal data are stolen by the criminals.
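The scenario above hinges on a tab changing its title, favicon and login form while nobody is looking at it, which is also what a defender can watch for. The following is an added example, not code from the original article: a small browser-side check (usable as a user script or extension content script) that records a tab's identity when it goes hidden and reports any change when the user returns. The names compareIdentity, createTabnabMonitor and snapshotDocument are my own, and the two sample snapshots are constructed for illustration.

```javascript
// Pure check: compare the identity a tab showed when it went hidden with what it shows when
// the user returns; a changed title, favicon or form target is a tabnabbing indicator.
function compareIdentity(whenHidden, whenVisible) {
  const reasons = [];
  if (whenHidden.title !== whenVisible.title) reasons.push('title changed while hidden');
  if (whenHidden.favicon !== whenVisible.favicon) reasons.push('favicon changed while hidden');
  const knownTargets = new Set(whenHidden.formTargets);
  for (const target of whenVisible.formTargets) {
    if (!knownTargets.has(target)) reasons.push('new form posting to ' + target);
  }
  return { suspicious: reasons.length > 0, reasons };
}
// Monitor: snapshot when the tab goes hidden, compare when it becomes visible again.
// takeSnapshot is injected so the logic can be tested without a DOM.
function createTabnabMonitor(takeSnapshot) {
  let hiddenSnapshot = null;
  return {
    onVisibility(state) {
      if (state === 'hidden') { hiddenSnapshot = takeSnapshot(); return null; }
      if (state !== 'visible' || hiddenSnapshot === null) return null;
      const finding = compareIdentity(hiddenSnapshot, takeSnapshot());
      hiddenSnapshot = null;
      return finding;
    },
  };
}
// Browser adapter: the title, favicon href and the origins that forms on the page submit to.
function snapshotDocument(doc) {
  const icon = doc.querySelector('link[rel~="icon"]');
  const forms = Array.from(doc.querySelectorAll('form'));
  return {
    title: doc.title,
    favicon: icon ? icon.href : '',
    formTargets: forms.map((f) => new URL(f.getAttribute('action') || '', doc.location.href).origin),
  };
}
// Wire up the DOM only when one exists (e.g. run as a user script or extension content script).
if (typeof document !== 'undefined') {
  const monitor = createTabnabMonitor(() => snapshotDocument(document));
  document.addEventListener('visibilitychange', () => {
    const finding = monitor.onVisibility(document.visibilityState);
    if (finding && finding.suspicious) console.warn('Possible tabnabbing: ' + finding.reasons.join('; '));
  });
}

// Constructed sample snapshots: a harmless page, then the same tab rewritten as a fake login form.
const sampleHidden = { title: 'Cat pictures', favicon: 'https://cats.example/favicon.ico', formTargets: [] };
const sampleRewritten = { title: 'Gmail', favicon: 'https://cats.example/mail.ico', formTargets: ['https://cats.example'] };
```

Comparing sampleHidden with sampleRewritten yields all three indicators; a page that merely updates its content while keeping its title, favicon and form targets is not flagged.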

