Protect your browser from "tabnabbing": "
Aza Raskin, lead designer for Firefox, created a page that illustrates this. If you click on that link and then ignore it for awhile (create and switch to another tab), Aza's page will turn into a lookalike for Gmail.
He claims this will work in 'all major browsers,' and I confirmed it in Safari, Google Chrome, and Firefox on the Mac. It even worked -- albeit poorly and less regularly -- in OmniWeb and Opera. However, before users of either of those browsers claim some sort of victory, please realize that my testing was not scientific or extensive, and Aza's 'proof of concept' may not be as thorough as some other sites.
Aza's example isn't too difficult to spot; if you look at the Address Bar you will see this URL still points to his domain, but he could easily redirect you to a non-Latin domain name that looks like a different website which would be harder to spot.
What should you do to protect yourself? Well, perhaps unsurprisingly, Aza thinks you should use Firefox, which has an Account Manager feature that is supposed to help protect you from this kind of attack.
But what about the next phishing attack? Or what if you prefer a different browser? Read on for a better solution that will allow you to use just about any browser you choose...
TUAWProtect your browser from 'tabnabbing' originally appeared on The Unofficial Apple Weblog (TUAW) on Tue, 01 Jun 2010 09:00:00 EST. Please see our terms for use of feeds.
0 comments:
Post a Comment