
Tabnabbing: the invisible threat in cyber security 

Tabnabbing is a type of cyber attack that relies on deceptive techniques to compromise the security of personal data. Understanding how it works and why it is so effective is essential for protecting one’s information.


Table of contents

  • What is tabnabbing: the hidden threat among open tabs 
  • How a tabnabbing attack works 
  • Why tabnabbing is such an effective attack 
  • How to protect yourself from tabnabbing 

In recent years, cyber security has become a central issue, particularly due to the rise in sophisticated phishing attacks. 

Recently, there have been numerous reports of attacks on popular platforms where hackers successfully extract users’ sensitive data without them immediately realizing it. 

Among these threats, tabnabbing has emerged—a sneaky form of phishing that exploits one of the most common online habits: opening and keeping multiple tabs active in the browser. 

What is tabnabbing: the hidden threat among open tabs 

Tabnabbing is a sly form of attack that takes advantage of users’ habit of opening multiple tabs while browsing the internet. 

The technique was first described by Aza Raskin in 2010, and although it has been known for years, it continues to claim victims precisely because of its ability to go unnoticed. 

In short, a tabnabbing attack is based on the idea that when a browser tab remains open but inactive for some time, it can be modified by a malicious script to load a new web page that resembles a legitimate login page.

The unsuspecting user, upon returning to that tab, may be prompted to re-enter their credentials on a fake login page, unknowingly handing over their login information to the attacker. 

This type of attack is particularly effective because it takes advantage of the habit of keeping multiple tabs open within the browser, making it difficult to notice changes in inactive pages. 

How a tabnabbing attack works 

The tabnabbing attack process follows specific, well-defined steps. First, the user clicks on an apparently harmless link, which opens another browser tab or page within the browser. This new web page may look legitimate, and the user might decide to leave it open to check its contents later. 

While the user focuses on other tabs, malicious JavaScript modifies the content of the tab that was left open. 

This script can change the URL and page content, transforming it into a fake login page for a commonly used website, such as an email service, social network, or payment platform. 

When the user returns to the tab, they may think they are on the regular login page for the service and, without suspicion, try to re-enter their login credentials. At this point, the script records their personal data and sends it to the attacker. 


Why tabnabbing is such an effective attack 

Tabnabbing is effective because it leverages a combination of psychological and behavioral factors. The trust that a user develops toward a page open in a tab and the tendency not to recheck the URL before entering their data are central to this attack.

Many users do not suspect that an open tab could undergo invisible changes, and few have the habit of verifying each time if the URL is correct. 

This type of attack thus relies on the context of use and the most common browsing habits. In a world where multitasking is the norm and keeping multiple browser tabs open is routine, tabnabbing stands out as one of the most insidious threats in modern cyber security.

How to protect yourself from tabnabbing 

Preventing a tabnabbing attack requires awareness and vigilance, though there are some technical countermeasures. Here are some recommended practices: 

  • Always verify the URL
    Before entering login credentials on a login page that has been open for a while, check the address and ensure that the connection is secure and protected (https://). 
  • Avoid clicking suspicious links
    The same applies to links from untrustworthy sources; even seemingly harmless pages can hide tabnabbing attempts. 
  • Use security extensions
    There are browser extensions that block unauthorized JavaScript and help prevent modifications of this kind in inactive tabs. 
  • Update the browser frequently
    Browser updates often include security patches that improve protection against attacks like tabnabbing.
  • Close unused tabs
    A good practice is to minimize the number of open tabs, especially those containing sensitive data or connected to sites requiring personal login information.
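
The kind of check a protective extension or page script could apply, as an added example (not code from the original article): it snapshots the tab's title, favicon, URL and password-field count when the tab becomes hidden and compares them when the user returns. The function and field names are this example's own assumptions.

```javascript
// Added example: pure comparison logic plus optional browser wiring.
// Field names (title, icon, url, passwordFields) are this example's own.

// Capture the properties a user relies on to recognise a tab.
function snapshot(doc) {
  const icon = doc.querySelector('link[rel~="icon"]');
  return {
    title: doc.title,
    icon: icon ? icon.href : '',
    url: doc.location.href,
    passwordFields: doc.querySelectorAll('input[type="password"]').length,
  };
}

// Return the list of identity changes made between two snapshots.
function changesWhileHidden(before, after) {
  const changes = [];
  for (const key of ['title', 'icon', 'url']) {
    if (before[key] !== after[key]) changes.push(key);
  }
  // A login form that was not there when the user left is the strongest signal.
  if (before.passwordFields === 0 && after.passwordFields > 0) {
    changes.push('passwordFields');
  }
  return changes;
}

// Decide whether to warn: a new password field, or title and icon both swapped.
// A title change alone (e.g. an unread counter) is treated as benign.
function shouldWarn(changes) {
  return changes.includes('passwordFields') ||
    (changes.includes('title') && changes.includes('icon'));
}

// Browser wiring (skipped outside a browser): snapshot on hide, compare on return.
if (typeof document !== 'undefined') {
  let before = null;
  document.addEventListener('visibilitychange', () => {
    if (document.visibilityState === 'hidden') {
      before = snapshot(document);
    } else if (before) {
      const changes = changesWhileHidden(before, snapshot(document));
      if (shouldWarn(changes)) {
        console.warn('Tab changed while inactive:', changes.join(', '));
      }
    }
  });
}
```

A full navigation to another page discards this script's state, so an extension would keep the snapshot per tab in its background context and compare there.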