TabShots: Client-Side Detection of Tabnabbing Attacks

Provided by: Association for Computing Machinery
Topic: Security
Format: PDF
As the web grows larger and larger and as the browser becomes the vehicle-of-choice for delivering many applications of daily use, the security and privacy of web users is under constant attack. Phishing is as prevalent as ever, with anti-phishing communities reporting thousands of new phishing campaigns each month. In 2010, tab-nabbing, a variation of phishing, was introduced. In a tab-nabbing attack, an innocuous-looking page, opened in a browser tab, disguises itself as the login page of a popular web application, when the user's focus is on a different tab. The attack exploits the trust of users for already opened pages and the user habit of long-lived browser tabs.

Find By Topic