Web Browser Attack-TabNapping

We are living in the jungle of web, we have different web-browser to view internet websites. Different vulnerability on browser’s arising every day and you have to be aware these new attack to protect your infrastructure.

As you know in the phishing attacker send a URL to the victim and victim has to click on URL to go on phishing page, now the thing is change a new term has been discovered that is TabNapping, tabnapping is a web-browser attack and the new way of phishing attack in which victim not require to click any URL.


In this attack one of you browser tab replace with another page without your knowledge and permission, for example in one of your browser tab you have opened any website it will automatically replaced with the phishing side and the normal user’s does not look to the URL.

Instead of explain all the stuff here on text format i want to share a video demonstration of tabnapping.






Is this the owner and admin of a particular website responsible for this attack? i think no an attacker can find any bug on any website like a cross site scripting and after this an attacker can enter their script to perform Tabnapping attack.

Protection
  • Do not login on any tab, that you have not open it by yourself.
  • Look around the URL before login to any website.
  • If you find any suspicious than close the tab and open new one.
  • Update your browser.
  • Do not open many tab while you are working on your secure website or important websites.


Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

LINUX GAME HACKING GUIDE 2021

In the past, most games had cheat codes, yet these days it's more uncommon. As a programmer, I like to perceive how things work,...

Phishing Prevention: How to Secure Your Organization Against Phishing Attacks

Phishing is a type of cyberattack that aims to trick people into giving up their sensitive information or hack into a system by means...

Automated Penetration Testing Prevents High-Risk Vulnerabilities

According to new research from Positive Technologies, a substantial 84% of companies contain high-risk vulnerabilities within their network perimeter. Scanning as many as 3,514...

Security Concerns When You’re Running Your Company From Abroad

The world of technology makes it possible for entrepreneurs to run their businesses from any location worldwide. You could travel and move to any...

LOOKING FOR HACKING RECIPES FORM THE PRO?

Then sign up for FREE to the ehacking’s exclusive group. You will get the exclusive tips/tricks, tutorials, webinars & courses that I ONLY share with my fellow on this exclusive newsletter.