![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
rhu"Tabnapping" is a new phishing technique. All you need to know in one sentence: If you go to a browser tab and it looks like Google or some other site has signed you out after inactivity, DON'T SIGN BACK IN ON THAT PAGE, but close that tab and open a FRESH one to sign in.
Details for the technically inclined are at http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/ along with a proof-of-concept implementation.
This is real, it's clever, and while I haven't heard of it being used for real yet, it was announced yesterday so by now I'm sure it's out there. Spread the word.
Details for the technically inclined are at http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/ along with a proof-of-concept implementation.
This is real, it's clever, and while I haven't heard of it being used for real yet, it was announced yesterday so by now I'm sure it's out there. Spread the word.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
(no subject)
Date: 2010-05-27 04:19 pm (UTC)(no subject)
Date: 2010-05-27 08:31 pm (UTC)(no subject)
Date: 2010-05-27 04:58 pm (UTC)You may want to EMPHASIZE THAT A LITTLE. :-)
The normal Internet defenses I use forced his exploit to fail. :-)
(no subject)
Date: 2010-05-28 03:24 am (UTC)My usual settings prevented it from working for me with his site, but that doesn't mean someone couldn't pull it off anyway. Good to have the warning. (I watched the video rather than lowering my defenses. :-) )