ScamVictimsUnited.com

There is strength in numbers.

Scams in Today's News:


Bookmark and Share
It is currently Thu Mar 28, 2024 4:05 pm



All times are UTC - 6 hours [ DST ]




Post new topic Reply to topic  [ 6 posts ] 
Author Message
 Post subject: Tab napping - a new online scam
PostPosted: Wed Jun 09, 2010 7:23 pm 
Offline
Moderator

Joined: Sat Dec 06, 2008 10:39 pm
Posts: 414
Location: Third Rock from the Sun
Just when I think I had heard it all. This puts a new twist on phishing scams.


http://uk.biz.yahoo.com/07062010/389/ta ... -scam.html

Watch out for this new online phishing scam which uses 'tab napping' to attack your computer - and your finances...

As internet users we’re all vulnerable to online scams. Unluckily for us, as soon as we become pretty good as spotting one type of attack, another more sophisticated version comes along in its place. In fact, technology company Mozilla - which developed the Firefox web browser - has recently warned against a possible threat from a new scam known as ‘tap napping’ which takes phishing one step further.


What is tab napping?

Tab napping is essentially a new kind of phishing scam. Until now phishing has involved sending hoax emails in an attempt to steal your usernames, passwords and bank details. Often the sender will claim to be from your bank and will ask you to verify your bank details by clicking on a link contained in the email.

The link actually directs you to a fake website which looks just like your bank's own website. Once you have typed in your login details they can be accessed by the criminals who set the fake site up.

But we’re beginning to wise up to phishing attacks like this, and many of us know we should be very wary of clicking URLs even if they appear to be in a legitimate email.

With awareness of phishing on the up, making it more difficult for scammers to succeed, tab napping could be the scam to watch out for next.

How does tab napping work?

Tab napping is more sophisticated than the phishing scams we’ve seen so far, and it no longer relies on persuading you to click on a dodgy link. Instead it targets internet users who open lots of tabs on their browser at the same time (for example, by pressing CTRL + T).

How does it work? By replacing an inactive browser tab with a fake page set up specifically to obtain your personal data - without you even realising it has happened.

Believe it or not, fraudsters can actually detect when a tab has been left inactive for a while, and spy on your browser history to find out which websites you regularly visit, and therefore which pages to fake.

So don't assume that after you have opened a new tab and visited a web page, that web page will stay the same even if you don’t return to it for a time while you use other windows and tabs. Malicious code can replace the web page you opened with a fake version which looks virtually identical to the legitimate page you originally visited.

How might tab napping work in practice?

Imagine you open the login page for your online bank account, but then you open a new tab to visit another website for a few minutes, leaving the first tab unattended. When you return to your bank’s site the login page looks exactly how you left it. What you haven’t realised is that a fake page has taken its place, so when you type in your username and password, you have inadvertently given the fraudster easy access to your account.

Even if you have already logged into your bank account before opening another tab, when you return you might find you’re being asked to login again. This may not necessarily rouse any suspicion since you might simply assume your bank has logged you out because you left your account inactive for too long. You probably won’t even think twice before logging in for a second time. But this time round you have accidently inputted your security details into a fraudster’s fake page which have been sent back to their server.

Once you have done so, you can then be easily redirected to your bank’s genuine website since you never actually logged out in the first place, giving you the impression that all is well.

How can you protect yourself against tab napping?

This is pretty scary stuff but thankfully tab napping should be relatively easy to avoid. Here are five simple ways you can prevent yourself from falling victim:
Make sure you always check the URL in the browser address page is correct before you enter any login details. A fake tabbed page will have a different URL to the website you think you’re using.
Always check the URL has a secure https:// address even if you don’t have tabs open on the browser.
If the URL looks suspicious in any way, close the tab and reopen it by entering the correct URL again.
Avoid leaving tabs open which require you to type in secure login details. Don't open any tabs while doing online banking - open new windows instead (CTL + N).
Finally, take a look at Online banking: How to stay safe to find out other ways to protect yourself from online scams.

More on lovemoney.com:
14 ways to protect your privacy
Six scams to shun
More from lovemoney.com

_________________
NEVER send money

Media Reporter for ScamVictimsUnited.com

Google is your best online friend. Google everything.
http://www.google.com/

For Romance Love scams
http://romancelovescams.mysubdn.com/forum/index.php


Last edited by Janez on Wed Jun 09, 2010 10:50 pm, edited 2 times in total.

Top
 Profile  
 
 Post subject: Re: Tab napping - a new online scam
PostPosted: Wed Jun 09, 2010 8:47 pm 
Offline
Moderator

Joined: Mon Apr 25, 2005 8:10 am
Posts: 583
Excellent informative post! Thank you for posting it!!! 8)


Top
 Profile  
 
 Post subject: Re: Tab napping - a new online scam
PostPosted: Wed Jun 09, 2010 9:51 pm 
Offline
Moderator

Joined: Sat Dec 06, 2008 10:39 pm
Posts: 414
Location: Third Rock from the Sun
I suggest that everyone who reads it copy and paste it to all of the sites they belong to.

_________________
NEVER send money

Media Reporter for ScamVictimsUnited.com

Google is your best online friend. Google everything.
http://www.google.com/

For Romance Love scams
http://romancelovescams.mysubdn.com/forum/index.php


Last edited by Janez on Thu Jun 10, 2010 7:10 pm, edited 1 time in total.

Top
 Profile  
 
 Post subject: Re: Tab napping - a new online scam
PostPosted: Thu Jun 10, 2010 7:08 am 
Offline
Site Admin/Co-Founder

Joined: Mon Mar 31, 2003 10:09 pm
Posts: 2921
I will have to contact the admin there and see if they will give us permission to re-post this on our blog.

_________________
Shawn Mosch
Co-Founder of http://ScamVictimsUnited.com
There is strength in numbers!

Share your story with the media and educate others about scams! Details here http://scamvictimsunited.com/phpBB2/viewtopic.php?f=28&t=6319
Sign our petition http://www.change.org/actions/view/crea ... s_programs
Follow our blog http://scamvictimsunited.wordpress.com/
Find us on Twitter, Facebook and more http://www.retaggr.com/page/ShawnMosch
_______________________________________________
Has this site helped you?
Buy us a coffee to say thanks ~ http://www.scamvictimsunited.com/donations.htm


Top
 Profile  
 
 Post subject: Re: Tab napping - a new online scam
PostPosted: Thu Jun 10, 2010 7:12 pm 
Offline
Moderator

Joined: Sat Dec 06, 2008 10:39 pm
Posts: 414
Location: Third Rock from the Sun
admin wrote:
I will have to contact the admin there and see if they will give us permission to re-post this on our blog.



I am sure she will.

_________________
NEVER send money

Media Reporter for ScamVictimsUnited.com

Google is your best online friend. Google everything.
http://www.google.com/

For Romance Love scams
http://romancelovescams.mysubdn.com/forum/index.php


Top
 Profile  
 
 Post subject: Tab napping a new online scam
PostPosted: Sun Sep 05, 2010 11:10 am 
Offline

Joined: Sat Jul 17, 2010 6:49 pm
Posts: 2
Location: Denmark
The biggest provider for those scams are Blockdos and the talkgold forum admin that is a known fakt as they receive thousands of dollars each week from those admins.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 



All times are UTC - 6 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Untitled document

 cron

Disclaimers, Message Board Guidelines and Privacy Policy   

Powered by phpBB® Forum Software © phpBB Group