What is Reverse Tabnabbing and What Can You Do to Stop It?


Tabnabbing is a phishing method in which attackers take advantage of victims’ unattended browser tabs. After hijacking an inactive tab and redirecting it to malicious URLs, an attacker can perform a phishing attack and execute scripts.


With reverse tabnabbing, on the other hand, attackers can actually rewrite the source page after a victim clicks a malicious link. Usually, this means replacing a source page with a phishing site before the victim navigates back to that original tab. Here, the redirection happens through links from the parent site to the attacker’s site.


These attacks can fool even an attentive user. Here’s how developers can take steps to prevent them.


How Does a Reverse Tabnabbing Attack Work?


A reverse tabnabbing attack begins when a victim clicks a link on a legitimate site. As the new tab opens, the attacker redirects the source page to a phishing page. After navigating back to that page, the victim thinks they are still on the right page. There, attackers can collect any credentials or sensitive data the victim enters into the decoy site.


Websites often contain external links, and if target="_blank" is added to an <a> element in HTML, the link will open in a new tab. The page linked through href might be either safe or unsafe: we do not know whether the href link points to a legitimate or a malicious page, since we have no control over it.


<a href="page.site.com" target="_blank">


If a linked page is opened with target="_blank" or by window.open() in JavaScript, the linked page will have access to the same window.opener property as the linking page. Thus, the linked page can set the property window.opener.location to any ..
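The mitigation that follows from the mechanism above is to sever the opener relationship: add rel="noopener" (commonly rel="noopener noreferrer") to every link that uses target="_blank", and pass 'noopener' in the features string when calling window.open(). Recent browsers already treat target="_blank" as implying noopener, but an explicit rel attribute remains the portable fix and is what reviewers and scanners can check for. The script below is an added example, not code from the original article: a small linter that scans an HTML string for anchors that open a new browsing context without noopener and returns a hardened copy. The sample HTML and the hostnames in it are constructed for the demonstration; the attribute parsing is deliberately simple (it does not handle a ">" inside a quoted attribute value).

```javascript
// Added example: find <a target="_blank"> elements that lack rel="noopener"
// and add it. Not from the original article; sample HTML below is constructed.

// Matches each <a ...> start tag. Limitation: a '>' inside a quoted
// attribute value would end the match early.
const ANCHOR_RE = /<a\b[^>]*>/gi;

// Parse name="value", name='value' and bare name=value pairs from one tag.
function parseAttrs(tag) {
  const attrs = {};
  const re = /([a-zA-Z_:][-a-zA-Z0-9_:.]*)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;
  let m;
  while ((m = re.exec(tag)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? '';
  }
  return attrs;
}

function opensNewContext(attrs) {
  return (attrs.target || '').trim().toLowerCase() === '_blank';
}

// rel="noreferrer" implies noopener per the HTML spec, so either token is enough.
function hasNoopener(attrs) {
  const tokens = (attrs.rel || '').toLowerCase().split(/\s+/).filter(Boolean);
  return tokens.includes('noopener') || tokens.includes('noreferrer');
}

// Return the tag unchanged if it is already safe, otherwise add noopener.
function hardenTag(tag) {
  const attrs = parseAttrs(tag);
  if (!opensNewContext(attrs) || hasNoopener(attrs)) return tag;
  if ('rel' in attrs) {
    // Extend the existing rel token list in place, keeping its other tokens.
    return tag.replace(
      /(\s)rel\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/i,
      (_all, ws, dq, sq, bare) => {
        const existing = (dq ?? sq ?? bare ?? '').trim();
        return `${ws}rel="${[existing, 'noopener'].filter(Boolean).join(' ')}"`;
      }
    );
  }
  // No rel attribute at all: insert one just before the closing '>' (or '/>').
  return tag.replace(/\s*\/?>$/, (end) => ` rel="noopener noreferrer"${end}`);
}

// List every anchor that opens a new tab without severing the opener link.
function findUnsafeAnchors(html) {
  const out = [];
  for (const tag of html.match(ANCHOR_RE) || []) {
    const attrs = parseAttrs(tag);
    if (opensNewContext(attrs) && !hasNoopener(attrs)) {
      out.push({ tag, href: attrs.href || '' });
    }
  }
  return out;
}

// Rewrite the whole document so that no anchor exposes window.opener.
function hardenAnchors(html) {
  return html.replace(ANCHOR_RE, hardenTag);
}

// Constructed sample page: three unsafe links, one already safe, one same-tab.
const SAMPLE_HTML = `
<p>Constructed sample page for the demonstration.</p>
<a href="https://partner.example/offer" target="_blank">Partner offer</a>
<a href="https://docs.example/" target="_blank" rel="nofollow">Docs</a>
<a href="https://safe.example/" target="_blank" rel="noopener noreferrer">Already safe</a>
<a href="/local" TARGET='_blank'>Single-quoted, uppercase attribute</a>
<a href="/same-tab">Stays in the same tab</a>
`;

if (typeof require !== 'undefined' && require.main === module) {
  for (const { href, tag } of findUnsafeAnchors(SAMPLE_HTML)) {
    console.log(`unsafe link to ${href}: ${tag}`);
  }
  console.log(hardenAnchors(SAMPLE_HTML));
}

module.exports = { parseAttrs, hardenTag, findUnsafeAnchors, hardenAnchors, SAMPLE_HTML };
```

Run with node and the three unsafe anchors are reported, then the hardened markup is printed with rel="noopener noreferrer" added to the links that had no rel attribute and "noopener" appended to the existing rel="nofollow". The same rule applies to scripted navigation: use window.open(url, '_blank', 'noopener') rather than a bare window.open(url), so the opened page receives a null window.opener and cannot rewrite the originating tab.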
