In this video, Aza Raskin of Mozilla demonstrates a new class of phishing attack in which the attacker is able to use malicious code in one browser tab to completely change the content in another tab on a victim’s browser.
New Phishing Attack Exploits Tabbed Browsing
In this video, Aza Raskin of Mozilla demonstrates a new class of phishing attack in which the attacker is able to use malicious code in one browser tab to completely change the content in another tab on a victim’s browser.
Anonymous on
I think this scam exists because today I opened two tabs. One for my Yahoo mail and the other was a banking one. When I finished with online banking, I switched over to my Yahoo tab. I couldn't remember if I had logged out or not, but the login page looked different.
Usually there is a padlock picture just above the login area. This time, there was a shield picture which look unfamiliar. The URL also looked much longer and different from usual. Luckily, having been made aware of the scam (just today, in fact), I retyped the URL to the homepage, and proceeded to the login page - which returned back to what I expected. This is a worrying scam, and so easy to fall prey to.