In this video, Aza Raskin of Mozilla demonstrates a new class of phishing attack in which the attacker is able to use malicious code in one browser tab to completely change the content in another tab on a victim’s browser.
Suggested articles
Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns
Attackers exploiting an array of Google Services, including Forms, Firebase, Docs and more to boost phishing and BEC campaigns.
Cybercriminals Batter Automakers With Ransomware, IP Theft Cyberattacks
While the industry focus is on vehicle hacking, when it comes to the automotive industry cybercriminals are opting for less complex and sophisticated attacks – from phishing to ransomware.
Animal Jam Hacked, 46M Records Roam the Dark Web
Animal Jam, just the latest in a string of attacks on gaming apps, has adopted a transparent communications strategy after stolen data turned up on a criminal forum.
Discussion
InfoSec Insider
-
How to Update Your Remote Access Policy – And Why You Should Now
-
Tis’ the Season for Online Holiday Shopping; and Phishing
-
Defining Security Policies to Manage Remote Insider Threats
-
Digging into the Dark Web: How Security Researchers Learn to Think Like the Bad Guys
-
Election Security: How Mobile Devices Are Shaping the Way We Work, Play and Vote
Anonymous on
I think this scam exists because today I opened two tabs. One for my Yahoo mail and the other was a banking one. When I finished with online banking, I switched over to my Yahoo tab. I couldn't remember if I had logged out or not, but the login page looked different.
Usually there is a padlock picture just above the login area. This time, there was a shield picture which look unfamiliar. The URL also looked much longer and different from usual. Luckily, having been made aware of the scam (just today, in fact), I retyped the URL to the homepage, and proceeded to the login page - which returned back to what I expected. This is a worrying scam, and so easy to fall prey to.