Sunday, June 6, 2010

Tab jacking is a new technique for stealing your credentials through your own browser.

To put it simply: suppose you have 10 tabs open in Firefox and are working in them simultaneously, and one of them suddenly shows what looks like the original login screen (for example, the standard Gmail login page). You assume you have been logged out automatically, and as soon as you see that screen you start typing your credentials.

After you enter your login information, it is sent to the attacker's server, which then redirects you to the real Gmail. Because you were never logged out in the first place, it looks as if the login was successful.

The screenshot below shows what it looks like (note the address bar and the page body).

How I avoid this: "I always check the address bar before typing a sensitive password, and I change my password at least every 2 months."
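The address-bar check recommended above is the same check a password manager automates before it fills a login form: it compares the page's full origin (scheme, host and port) against the origins it has credentials for, and refuses to fill anything else. As an added example that is not part of the original post, the JavaScript below performs that comparison; the allowlisted origins and the sample URLs are constructed for illustration, and the lookalike hosts in them are placeholders, not real sites.

```javascript
// Added example (not from the original post): the origin check a password
// manager performs before filling a login form. Origins and sample URLs
// below are constructed for illustration.

// Origins we hold credentials for (constructed allowlist).
const TRUSTED_LOGIN_ORIGINS = new Set([
  'https://accounts.google.com',
  'https://mail.google.com',
]);

// Decide whether the page at `pageUrl` is an exact match for a trusted
// login origin. The comparison uses the parsed origin (scheme + host + port),
// never a substring of the host, so a lookalike such as
// "mail.google.com.login-example.invalid" or a userinfo trick such as
// "https://mail.google.com@evil.example/" does not pass.
function checkLoginOrigin(pageUrl, trusted = TRUSTED_LOGIN_ORIGINS) {
  let parsed;
  try {
    parsed = new URL(pageUrl);          // WHATWG URL parser, built into Node and browsers
  } catch (err) {
    return { ok: false, origin: null, reason: 'unparseable URL' };
  }
  if (parsed.protocol !== 'https:') {
    return { ok: false, origin: parsed.origin, reason: `insecure scheme ${parsed.protocol}` };
  }
  if (!trusted.has(parsed.origin)) {
    return { ok: false, origin: parsed.origin, reason: `origin ${parsed.origin} is not allowlisted` };
  }
  return { ok: true, origin: parsed.origin, reason: 'origin matches allowlist' };
}

// Constructed sample URLs: two genuine login pages and several pages whose
// address bar merely contains the expected host name somewhere.
const SAMPLE_URLS = [
  'https://mail.google.com/mail/u/0/',
  'https://accounts.google.com:443/signin',        // default port is normalised away
  'http://mail.google.com/',                       // right host, wrong scheme
  'https://mail.google.com.login-example.invalid/',// expected host as a prefix only
  'https://mail.google.com@evil.example/',         // expected host in the userinfo part
  'not a url',
];

// Run the check over the samples; returns an array so it can be inspected or tested.
function evaluateSamples(urls = SAMPLE_URLS) {
  return urls.map((u) => ({ url: u, ...checkLoginOrigin(u) }));
}

for (const r of evaluateSamples()) {
  console.log(`${r.ok ? 'FILL ' : 'BLOCK'} ${r.url}  (${r.reason})`);
}
```

The parser does the work here: `new URL(...)` reduces every address to a canonical origin, so the decision is a set lookup rather than a string search, and the two URLs that visually contain "mail.google.com" but belong to other hosts are rejected for the same reason a careful reader of the address bar would reject them.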

