NoTabNab: Protection against the "tabnabbing attack"

NoTabNab: Protection against the "tabnabbing attack"

In recent years phishing attacks have become one of the most important problems of online security. Aza Raskin, the creative lead of Mozilla Firefox team, proposed a new type of phishing attack, "tabnabbing attack" as he names it. The attack is different from classical phishing attacks; wh...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Unlu, S A, Bicakci, K
Format: Tagungsbericht
Sprache:eng
Schlagworte:
browser add-on
Helium
HTML
Keyboards
phishing
software
tabnabbing
web security
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In recent years phishing attacks have become one of the most important problems of online security. Aza Raskin, the creative lead of Mozilla Firefox team, proposed a new type of phishing attack, "tabnabbing attack" as he names it. The attack is different from classical phishing attacks; while classical attacks rely on deception of users with a similar URL and/or content in appearance to the original site, this attack uses our memory weakness and false perception that browser tabs are immutable i.e., do not change while inactive. We develop a Firefox add-on to protect users against this attack. Our method is based on the fact that a phishing web site should change its layout radically to look like the original site. This add-on watches the open tabs and indicates whether one changes its layout, favicon and/or title to become like another site.
ISSN:2159-1237
2159-1245
DOI:10.1109/ecrime.2010.5706695