|
Brazillion, I think that may be an under exaggeration for me lol (Actually I'm not really laughing though - I think people will need to be really careful.)
|
|
Aaargh. I have a brazillion tabs open all the time!
Can they tell when I have multiple Ancestry and FreeBMD and 192.com and FMP tabs open ... plus a few dozen govt of Canada websites? Not to mention all the GR tabs I've opened and wandered off from ...
Another advantage of never signing out of a website. You never accidentally sign in somewhere else!
|
|
Never heard of this before but I don't like the sound of it:
http://uk.biz.yahoo.com/07062010/389/tab-napping-new-online-scam.html
Watch out for this new online phishing scam which uses 'tab napping' to attack your computer - and your finances...
How does tab napping work?
Tab napping is more sophisticated than the phishing scams we’ve seen so far, and it no longer relies on persuading you to click on a dodgy link. Instead it targets internet users who open lots of tabs on their browser at the same time (for example, by pressing CTRL + T).
How does it work? By replacing an inactive browser tab with a fake page set up specifically to obtain your personal data - without you even realising it has happened.
Believe it or not, fraudsters can actually detect when a tab has been left inactive for a while, and spy on your browser history to find out which websites you regularly visit, and therefore which pages to fake.
So don't assume that after you have opened a new tab and visited a web page, that web page will stay the same even if you don’t return to it for a time while you use other windows and tabs. Malicious code can replace the web page you opened with a fake version which looks virtually identical to the legitimate page you originally visited.
How might tab napping work in practice?
Imagine you open the login page for your online bank account, but then you open a new tab to visit another website for a few minutes, leaving the first tab unattended. When you return to your bank’s site the login page looks exactly how you left it. What you haven’t realised is that a fake page has taken its place, so when you type in your username and password, you have inadvertently given the fraudster easy access to your account.
Even if you have already logged into your bank account before opening another tab, when you return you might find you’re being asked to login again. This may not necessarily rouse any suspicion since you might simply assume your bank has logged you out because you left your account inactive for too long. You probably won’t even think twice before logging in for a second time. But this time round you have accidently inputted your security details into a fraudster’s fake page which have been sent back to their server.
Once you have done so, you can then be easily redirected to your bank’s genuine website since you never actually logged out in the first place, giving you the impression that all is well.
How can you protect yourself against tab napping?
This is pretty scary stuff but thankfully tab napping should be relatively easy to avoid. Here are five simple ways you can prevent yourself from falling victim:
Make sure you always check the URL in the browser address page is correct before you enter any login details. A fake tabbed page will have a different URL to the website you think you’re using.
Always check the URL has a secure https:// address even if you don’t have tabs open on the browser.
If the URL looks suspicious in any way, close the tab and reopen it by entering the correct URL again.
Avoid leaving tabs open which require you to type in secure login details. Don't open any tabs while doing online banking - open new windows instead (CTL + N).
Finally, take a look at Online banking: How to stay safe to find out other ways to protect yourself from online scams.
Full article at the link above,
|
