Naik, I assume you would be referring to the latest kind of phishing attack called as Tabnabbing.
*Tabnabbing* is a computer exploit and phishing attack, which persuades users to submit their login details and passwords to popular websites by impersonating those sites and convincing the user that the site is genuine. The attack was discovered and named by Aza Raskin<http://en.wikipedia.org/wiki/Tabnabbing#cite_note-1>a security researcher and design expert. The attack takes advantage of user trust and inattention to detail in regard to tabs, and the ability of modern web pages to rewrite tabs and their contents a long time after the page is loaded. The exploit employs script to rewrite a page of average interest with an impersonation of a well-known website, when left unattended for some time. A user who returns after a while and sees the rewritten page may be induced to believe the page is legitimate and enter their password and other details which will be used for improper purposes. The attack can be made more likely to succeed if the script checks for well known websites the user has loaded in the past or in other tabs, and loads a simulation of the same websites. This attack can be done even if Javascript is disabled, using the refresh meta element, an HTML attribute used for page redirection that causes a reload of a specified new page after a given time interval. A Live example can be further be studied and seen here in the below link: (For education purpose only) http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/ Regards Sandeep Thakur On Sat, Jul 3, 2010 at 2:11 AM, Srinivas Naik <[email protected]> wrote: > Hi Geeks, > > Today I was browsing keeping my Gmail logged in, while browsing in > different tabs I came back to my Gmail Tab. > > It was asking me to login.....! > > Then I left the tab in same way and opened a new browser and tried > google.com; My session was active with google. > then I opened Gmail, it automatically to me to my Account. > > Later when I was searching..... I came across a New Phishing Attack... * > "Tababbing*". > > > Please be aware of such attacks. > > > > Thanks & Regards, > 0xN41K > > -- > You received this message because you are subscribed to the Google Groups > "nforceit" group. > To post to this group, send an email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<nforceit%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/nforceit?hl=en-GB. > -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
