Watch Out! Tabnabbing is a New Gmail Phishing Attack


Don't get tabnabbed.

This is a warning for all Gmail and Gchat fiends. There is a new phishing scam making its rounds, and it's deceptively evil.

Many of us are hit with phishing emails and links often enough that we know better than to submit our login and password to just any old site claiming to be “Google”, “HSBC”, “Citibank”, etc. – but this attack is different. Instead of immediately portraying itself as one of these sites, it waits until you least expect it before it strikes.

It works like this:

  1. You open a web page. It doesn’t immediately appear threatening. You decide to check on your other tabs because it’s taking too long to load, or perhaps someone messaged you on Facebook chat.
  2. After a period of time spent on tabs other than the one in question, the browser tab info changes. It doesn’t just change into anything - it changes into a near-exact replica of a Gmail (or similar) tab, icon and everything.
  3. You click back to the tab thinking Gchat must have logged you out for inactivity.
  4. You provide the credentials to log back in, and before you know it, you’ve been phished. Bummer.
  5. The site redirects you to your Gmail as if you just logged back in, when in fact you were never logged out to begin with.

Didn’t quite follow that? The video below shows you the attack in action:

[Source: www.azarask.in]
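
Here is one way a defender could spot that sequence, as an added example that is not part of the original post. It replays a tab's events and flags a tab whose title and icon both changed, or whose login form appeared, while you were looking elsewhere. The event shape and both traces are constructed for illustration.

```javascript
// Added example: defender-side heuristic, not code from the original post.
// Event shape is hypothetical: { type, value } where type is one of
// 'title', 'favicon', 'password-field', 'hidden', 'visible'.
function detectTabnabbing(events) {
  const state = { title: '', favicon: '', passwordField: false };
  let snapshot = null; // tab identity at the moment the user switched away
  const findings = [];
  for (const ev of events) {
    if (ev.type === 'title') state.title = ev.value;
    else if (ev.type === 'favicon') state.favicon = ev.value;
    else if (ev.type === 'password-field') state.passwordField = true;
    else if (ev.type === 'hidden') snapshot = { ...state };
    else if (ev.type === 'visible' && snapshot) {
      const changed = Object.keys(state).filter((k) => state[k] !== snapshot[k]);
      // A title-only change is normal (unread counters, chat pings).
      // Title and favicon swapping together, or a login form appearing
      // while nobody is looking, matches steps 2-4 above.
      const identitySwap = changed.includes('title') && changed.includes('favicon');
      const newLogin = changed.includes('passwordField') && changed.length > 1;
      if (identitySwap || newLogin) {
        findings.push({ before: snapshot, after: { ...state }, changed });
      }
      snapshot = null;
    }
  }
  return findings;
}

// Constructed sample traces (not captured from a real page).
const benignTrace = [
  { type: 'title', value: 'Team chat' },
  { type: 'favicon', value: '/chat.ico' },
  { type: 'hidden' },
  { type: 'title', value: '(1) Team chat' }, // unread counter only
  { type: 'visible' },
];
const suspiciousTrace = [
  { type: 'title', value: 'Funny pictures' },
  { type: 'favicon', value: '/favicon.ico' },
  { type: 'hidden' },
  { type: 'title', value: 'Gmail: Email from Google' },
  { type: 'favicon', value: '/mail-lookalike.ico' },
  { type: 'password-field' },
  { type: 'visible' },
];

console.log('benign findings:', detectTabnabbing(benignTrace).length);
console.log('suspicious changes:', detectTabnabbing(suspiciousTrace)[0].changed);
```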



Comments

3 Responses to “Watch Out! Tabnabbing is a New Gmail Phishing Attack”
  1. Josh says:

    It's only a matter of time before this one gets me. I can’t even count how many times I’ve gotten that AntiVirus 2010 one, thank god for the IT guys.

  2. McFly says:

    Many of our mothers and fathers will fall for this, hook line ‘n sinker.

  3. Von Kaiser says:

    This happened to a coworker of mine on his personal computer. The result?

    I get an email from him on a Monday saying he was robbed in London (he sits in a different part of the building, so I hadn’t seen him the week before), and he needed help getting some money to get home.

    Admittedly, I fell for it for about 10 seconds. The reply email address was very close, too. So if the email address was Von.G.Kaiser@gmail.com, the scammer set up Von.G.Kaisor@gmail.com or something like that.

    It was a nightmare for my coworker. The scammer obviously changed his email address password. So he couldn’t even get back in.

    Be very, very careful.
