Hai, first of all i was busy for the past two weeks. Have not been able to update my blog for a while. Anyway let us go straight foward to our topic. Recently a new type of phishing attack known as Tabnabbing are being used.
How Tabnabbing works?
1. The attackers must have website
2. The user will visit attacker site which is look like a normal site.
3. The user switches from this attacker site tab and opens another site in new tab, leaving this attacker site tab open. Assume that user opens many tabs.
4. While the user browses another site, the attacker site which is left open in previous tab changes or redirects itself to a phishing page say Gmail login.
5. Now, when the user returns back to this tab, he may not remember exactly which site he had opened. He will now see fake Gmail login and will think that he has left this Gmail login tab open.
So, now, without checking out url of the site, the user is most probable of logging in to his account.
6. Once we enter our login user id and password in his/her phisher, this information is sent to their inbox or any online account. Thus, our account hacked using this Tabnabbing
No comments:
Post a Comment