So far in this blog i have explained about Phishing attacks in detail , I have written articles on How you can hack Face book , GMail or any other email account by using a Phisher (fake page ) , If your new to the concept of Phishing i would recommend you to read the following articles before reading this one
In this article i'll explain a new phishing technique called as "Tabnabbing" Which is getting very popular now a days
What is Tabnabbing ?
Tabnabbing is a new type of phishing attack. It basically refers to a website that is changing its look and feels to a fake website after some time of inactivity. It is about a page we’ve been looking at, but will change behind our backs, when we aren’t looking
How The Attack Works ?
A user navigates to a normal looking website. A custom code detects when the page has lost its focus and hasn’t been interacted with for a while. The favicon gets replaced with that of GMail (or any other website), while the title with “Gmail: Email from Google”, and the page with a Gmail login look-a-like. This can all be done with just a little bit of Javascript that takes place instantly.
As the user scans their many open tabs, the favicon and title can easily fool the user to simply think he left a Gmail tab open. When he clicks back to the fake Gmail tab, he’ll see the standard Gmail login page, assume he has been logged out, and provide his credentials to log in. The attack preys on the perceived immutability of tabs.
After the user has entered their login information ,He is redirect to Gmail.as in Normal Phishing attack
Demonstration of a Tabnabbing Attack
Commonly Targeted Web sties
These attacks are commonly target towards Online Banking websites , But why Online Banking websites ?All most all banking websites have a security feature in which " If you have logged into your online Banking account and left it idle for a few minutes, it automatically logs you out as a precaution " .Due to this feature Tabnabbing is very handy in attacking users of online banking because the users feel that he/she would have logged in to the bank account and the session has expired.
How Can You Protect Yourself From This Attack ?
You can protect yourselves from this attack by using Firefox Browser. But Why Firefox ? Because Firefox has lots of addons (plugins) which can protect you from this attack or any other phishing attack ,so stop using your crappy web browsers such Internet explorer, switch to Firefox
Some of the Best Anti-phishing Fire Fox addons are listed below you can use them for your safety
So i hope this Information helps You ,In my next post I'll explain how you can use this method (tabnabbing) to hack Facebook ,Gmail accounts
In this article i'll explain a new phishing technique called as "Tabnabbing" Which is getting very popular now a days
What is Tabnabbing ?
Tabnabbing is a new type of phishing attack. It basically refers to a website that is changing its look and feels to a fake website after some time of inactivity. It is about a page we’ve been looking at, but will change behind our backs, when we aren’t looking
How The Attack Works ?
A user navigates to a normal looking website. A custom code detects when the page has lost its focus and hasn’t been interacted with for a while. The favicon gets replaced with that of GMail (or any other website), while the title with “Gmail: Email from Google”, and the page with a Gmail login look-a-like. This can all be done with just a little bit of Javascript that takes place instantly.
After the user has entered their login information ,He is redirect to Gmail.as in Normal Phishing attack
Demonstration of a Tabnabbing Attack
Commonly Targeted Web sties
These attacks are commonly target towards Online Banking websites , But why Online Banking websites ?All most all banking websites have a security feature in which " If you have logged into your online Banking account and left it idle for a few minutes, it automatically logs you out as a precaution " .Due to this feature Tabnabbing is very handy in attacking users of online banking because the users feel that he/she would have logged in to the bank account and the session has expired.
How Can You Protect Yourself From This Attack ?
You can protect yourselves from this attack by using Firefox Browser. But Why Firefox ? Because Firefox has lots of addons (plugins) which can protect you from this attack or any other phishing attack ,so stop using your crappy web browsers such Internet explorer, switch to Firefox
Some of the Best Anti-phishing Fire Fox addons are listed below you can use them for your safety
So i hope this Information helps You ,In my next post I'll explain how you can use this method (tabnabbing) to hack Facebook ,Gmail accounts
Very nice tutorial u gave...Thx for ur effort..=D
REPLYI don't get witch JavaScript I have to replace! I also don't know what Code I replace from the old JavaScript! Please explain the steps clearly and just help me with the tutorial.
REPLY@Anonymous
I told you that i will be posting about it , so please Be patient
I like it!
REPLYDat waz really nice
REPLYI have read this article ..... a good one... but i have also found some interesting material at http://freefeast.info/general-it-articles/tabnabbing-be-safe-from-black-hats/ regarding Tabnabbing.... Thought you people might like it...
REPLYI think this tabnabbing is another way to go, phishing is not bad but i guess its kinda getting detected pretty quick
REPLYone problem i m having with tabnabbing is how are u sure the targetee opened the first page that then transformed into the phish page later..that is my concern.... because if the targetee didnt open it at all then it might sponge up suspicious.
Use the form below to comment. No spam please!!!