Tab Napping

By -

By P@rth







Tab Napping is a new form of phishing that is hitting the internet now. With the conventional 
form of phishing, for example, you might receive an email that is supposedly from your bank,
 and it might ask you to login and update or confirm your account details, of course, there
 would be a link to your banks website in the email for you to click, which would take you
 to a page that looks identical to your real banks login page.

How does it works
Tab napping is more sophisticated than the phishing scams we’ve seen so far, and it no 
longer relies on persuading you to click on a dodgy link. Instead it targets internet users
 who open lots of tabs on their browser at the same time (for example, by pressing
CTRL + T).
 if you have multiple tabs open and you are reading the page on your current active tab, 
any of the other inactive browser tabs could be replaced with a fake web page that is set 
up to obtain your personal data, the web page will look exactly the same as the page you
 opened in the tab, you probably wont even even know it has been replaced with a fake 
page.
fraudsters can actually detect when a tab has been left inactive for a while, and spy on 
your browser history to find out which websites you regularly visit, and therefore which
 pages to fake.
This may surprise you, but phishers and fraudsters in general can actually detect when a
 tab has been left inactive for a period of time, which means they can spy on your browsing
 history, this tells them which websites and web pages you visit on a regularly basis, so 
they'll know which bank you use and which email account you use, whatever you view, they'll know about it,
 which means they'll know which fake pages to make to replace the real pages in your inactive tabs, you've now
 left yourself open to become a victim of tab napping.

How can you protect yourself against tab napping?
  
Here are five simple ways you can prevent yourself from falling victim:
 • Make sure you always check the URL in the browser address page is correct before you 
enter any login details. A fake tabbed page will have a different URL to the website you 
think you’re using.
• Always check the URL has a secure https:// address even if you don’t have tabs open 
on the browser.
• If the URL looks suspicious in any way, close the tab and reopen it by entering the 
correct URL again.
• Avoid leaving tabs open which require you to type in secure login details. Don't open
 any tabs while doing online banking - open new windows instead (CTRL + N).

Download Tabnapping Script from Azkan website:

Note: Source link may be malicious, open as your own risk..

Comments

Post a Comment

Popular posts from this blog

A Ten Year Journey: How SEO PowerSuite Has Kept Its SEO Tools Current

By -
Image
By Parth Makadiya I reviewed  PowerSuite set of tools in a previous post and am adding further information about their evolution through the years as part of a sponsored post series. We’ve all heard the old saying “The only thing that stays the same is that everything changes”. And in the online marketing industry, change has always been the name of the game. From staying on top of the zoo Google keeps throwing at us, to dodging curve balls from Facebook Ads, to figuring out each new social platform that pops up – if you aren’t flexible, then online marketing may not be for you. As our industry continuously shifts, the tools we use must change and adapt just as fast. Through out all the changes, one tool set has continued to help SEO experts attain higher rankings, increase traffic, and spy on their competition. We know them now as  SEO PowerSuite . Yet, this tool set has evolved over the last ten years. It’s fun to look back on where you’ve come through the waves of Goog
Read more

4 Ways to Crack a Facebook Password and How to Protect Yourself from Them

By -
Image
     We share our lives on Facebook. We share our birthdays and our anniversaries. We share our vacation plans and locations. We share the births of our sons and the deaths of our fathers. We share our most cherished moments and our most painful thoughts. We divulge every aspect of our lives. We even clamor to see the  latest versions even before they're ready  for primetime. But we sometimes forget who's watching. We use Facebook as a tool to connect, but there are those people who use that connectivity for malicious purposes. We reveal what others can use against us. They know when we're not home and for how long we're gone. They know the answers to our security questions. People can practically steal our identities—and that's just with the visible information we purposely give away through our public Facebook profile. The scariest part is that as we get more comfortable with advances in technology, we actually become more susceptible to hacking. A
Read more

Create Separate Contact Page in Blogger

By -
Image
By Parth Patel Share On Google+ Add This To Delicious Tweet/ReTweet This Share on Facebook StumbleUpon This Digg This Blogger launched it’s official version of the Contact Form Widget but, it works only on the Blogger Sidebar. If you don’t want to add the contact form to your Blog’s sidebar but want it to appear on a specific page, then this tutorial will help you out. I didn’t want the contact form to appear every where on my blog. So I have moved it to a separate Contact Me Page How to move the Blogger Contact Form to a separate Page Follow the below steps to move the Contact Form to a separate page. If you would like to see a demo, you can check out my Contact page. First, add the Blogger Contact Form Widget to your sidebar. (We will hide the contact form later in this tutorial, but you have to add it) .  Now create a new page in your blog Copy the below contact form code block <form name='contact-form'> <div>Your Name : </div> &
Read more