what is tabnapping?


what is tab napping?

the word "tab napping" comes from the combination of " tab " and " kidnapping".used by the hackers ,scammers and phishers. tab napping is an interesting ,tricky,clever, and smart hacking technique for phishing and scamming.





by this hacker can take advantage and control a victim's unattended browser tabs by hijacking and redirecting him to malicious URLs where they can perform attack and scripts and data URLs. its a kind of phishing but in phishing multiple tab does not open at the same time. 

for example:

 if your already logged in to your  facebook account and suddenly you  see an interesting post with a web link.after clicking on the link , a news tab open. the link which is clicked by you it is redirected to it's original address. but the previous tab will change to a fake facebook login page. when you go back to the previous tab to log in facebook. your login information will be sent to the attacker and your successful login to facbook because you never logged out.


how to protect yourself from tab napping?

 1)always check URL in the address bar and ensure that it is using secure protocol HTTPS.
2)do not use multiple tab or close inactive tabs






Comments

Post a Comment

Popular posts from this blog

Image
 ⇒ What is an ip addresss? An   IP address   (abbreviation of   Internet Protocol address ) is an identifier assigned to each computer and other device (e.g., printer,   router ,   mobile device , etc.) connected to a   TCP/IP network that is used to locate and identify the node in communications with other nodes on the network. IP addresses are usually written and displayed in   human-readable notations. ➦ there are mainly two ip address 1)ipv4 2)ipv6 ⇒ Ipv4 address An IP address in IPv4 is   32-bits   in size, which limits the   address space   to   4294967296   (2 32 ) IP addresses. Of this number, IPv4 reserves some addresses for special purposes such as   private networks   (~18 million addresses) or   multicast addresses   (~270 million addresses). IPv4 addresses are usually represented in   dot-decimal notation, consisting of four decimal numbers, each ranging from 0 to 255, separated by dots, e.g., 172.16.254.1. Each part represents a group of 8 bit
Read more

MALWARE

Image
what is malware ? malware is a software,that perform  victim  malicious action on victims computer or any device. the term is a combination of the words malicious and software.the ultimate goal of hackers to install malware on your computers or any device any how.once they install malware on your computer or device they can access your computer. the malware are not only targeted to only some specific system like windows ,while windows is widely used ,thus a big target,malware can infect any computing device.every one is a target, including you. the more computer or devices cyber criminal infect,the more money they earn.  who is developing malware and why? malware is created by sophisticated cyber criminals to help them achieve specific goals.the main goal is to steal important information , user id passwords, to send spam  emails,launching denial of service attacks. the malware known as petya is used by criminals to infect and encrypt hard disk of your computer.once infe
Read more

Nmap for scanning networks

Image
what is Nmap? Nmap ("Network Mapper") is a free open source tool for scanning the network.you can download from from here nmap.org Nmap  uses raw IP packets in novel ways to determine what hosts are available on the network,what services (application name and version) those hosts are offering ,what operating system (os version) they are running,what type of packets filters/firewalls are in use,and dozens of other characteristics. firewalls,routers,proxy servers and other security devices can skew the results of and Nmap scan.scanning remote hosts that are not on your local network may provide misleading information because of this  what is illegal with Nmap? scanning networks that you do not have permission to scan can get you in trouble with your internet service provider,the police,and possibly even the government. don't go off scanning the FBI of secret service website unless you want to get in trouble. aggressively scanning some systems may cause
Read more