In this video, Aza Raskin of Mozilla demonstrates a new class of phishing attack in which the attacker is able to use malicious code in one browser tab to completely change the content in another tab on a victim’s browser.

Categories: Videos, Vulnerabilities, Web Security

Comment (1)

  1. Anonymous
    1

    I think this scam exists because today I opened two tabs.  One for my Yahoo mail and the other was a banking one.  When I finished with online banking, I switched over to my Yahoo tab.  I couldn’t remember if I had logged out or not, but the login page looked different.

     

    Usually there is a padlock picture just above the login area.  This time, there was a shield picture which look unfamiliar.  The URL also looked much longer and different from usual.  Luckily, having been made aware of the scam (just today, in fact), I retyped the URL to the homepage, and proceeded to the login page – which returned back to what I expected.  This is a worrying scam, and so easy to fall prey to.

Comments are closed.