Tabnabbing - a new phishing technology for data theft

[ИнфоПоиск]

PandaLabs Antivirus Lab published a report on viral activity for the second quarter of 2010 (April-June). It turned out that 52% of the malware created in the last three months are trojans. Classic viruses also continue to spread actively (24.35%, which is 10 points more than at the beginning of the year). The largest number of infected computers in Taiwan, Russia and Turkey.

Also, a new, potentially dangerous phishing technique, Tabnabbing (“account seizure”), has spread. This technique uses an account viewing system in modern browsers. Users are sure that they are browsing familiar web pages such as Gmail, Hotmail, Facebook, and cyber criminals are stealing their data in the meantime. The principle of operation is very simple: cyber crooks use JavaScript to track the moment when the user does not view the page that he previously opened. At this time, the contents of the page are automatically overwritten, just like the icon and title, and the original page is hidden.

Suppose a user browses through various web pages, opens many accounts, and then wants to take a look, for example, at his Gmail account. Then he checks if he is open. And this is a fake Gmail web page. The user cannot remember when he got access to this page, and assume that a lot of time has passed since that moment, and the session has long expired. When a user enters their login details, a fake page saves them and redirects them to the original page. Therefore, PandaLabs advises users to close all pages that are not actively used.
newsland.ru

 

[Матушкин Андрей Николаевич]

Thank!