"Tabnabbing" is making a comeback. For those unfamiliar, it's a phishing tactic that involves trapping internet users with a fake tab. The term is a contraction of two English words: "tab," and "nabbing," which means to trap in French. Alerted by the upsurge in attacks of this type during the first months of the year, the Spanish police published a series of alerts on social media. Law enforcement notably posted a short video on TikTok, likely in the hope of reaching younger users.
How does a "tabnabbing" attack occur?
The cyberattack targets internet users who are used to opening a multitude of tabs at the same time on their web browser. A survey conducted by Aalto University shows that an average internet user has 5 to 10 tabs open simultaneously. According to a Carnegie Mellon study, many users have well over 10 tabs open, often because they fear losing useful information. More than 30% of people consider themselves compulsive tab hoarders. Hackers will take advantage of this habit to direct you to a malicious page they developed.
As the Iberian police explain, "the cybercriminal can replace one of the websites you opened yourself with a malicious copy that perfectly imitates its appearance." Let's say you open the login portal for Facebook, your bank, or your PayPal account, and leave the tab inactive. The attacker will then swap in a copy of the website you had open. When you return to the tab intending to use it, you will see a message stating, for example, that your "session has expired," so you must log in again. Many websites, including banking websites, quickly log out their users for security reasons, which is why the target is not surprised by the message.
Technically, the hackers use a malicious script that identifies and copies inactive tabs. This automated program redirects the target to a cloned tab that imitates all the visual elements of the inactive page, such as the title, design, content, and icon. The victim is then prompted to enter their login credentials, such as their username and password. The user has no idea that they are not on the official website of their social network or bank but on a fraudulent portal, and so hands over their data. Sometimes, hackers also ask for bank details. All this data is immediately exfiltrated to the cybercriminals, who can use it to carry out other scams or to make fraudulent withdrawals from your account.
How to protect yourself against tabnabbing scams?
To protect yourself against tabnabbing attacks, the police recommend limiting the number of tabs open on your computer. The more tabs you have open in your web browser, the greater the risk that a cybercriminal will target you. The Spanish police advise users to "keep only the windows you are using open and close all others."
If you're worried about losing information by closing a tab, save the site or data you're interested in somewhere. To avoid the profusion of tabs and windows, we've gotten into the habit of dragging links into our browser's reading list or writing down the address, along with the interesting information, in a notes application.
Furthermore, the authorities recommend that Internet users get into the habit of keeping an eye on the URL of the pages they visit. In this case, simply looking at the address will tell you that the tab has been cloned. If you have the slightest doubt about the authenticity of the website, close the page and don't share any data. It's better to reopen the website, ideally through a Google search, than take the risk.
Source: El Periodico