
25 May 2010

Scary new phishing attack

I love reading about exploits. I just ran across this new method of phishing, dubbed tabnabbing.

Basically, the idea is that people identify their tabs by the favicon and title.

So you go to some website; it displays some legitimate content. Then you go to another tab, for some reason. Once you have been off the malicious tab for some period of time, it sneakily changes its favicon and title to match a secure website that you use, and changes its contents to mirror that site.

So imagine you are Joe User, with 15 tabs open. You follow a link from a Google search. You leave it open in the background while you go and check your RSS reader. Then you go to check your email: you scan your tabs looking for the little Gmail envelope and go to that tab. When you bring it up it shows the login page. "Huh," you think, "I wonder why I'm not logged in," and you enter your credentials. Little do you know you actually just sent your username and password to the malicious site, not Google.
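The defensive counterpart to the trick above, added here as an example and not code from the original post: a check that a browser extension could run per tab. It snapshots the tab's title, favicon and location when the tab goes into the background and compares on return; a title or favicon that changed while the user was away, or one that claims a brand whose real hosts do not match where the tab actually is, is the tabnabbing signature. The brand table and the sample snapshots are constructed for illustration and are assumptions, not an authoritative list.

```javascript
// Constructed sample of brands and the hosts that legitimately serve them.
const BRAND_HOSTS = {
  gmail:  ['mail.google.com', 'accounts.google.com'],
  paypal: ['www.paypal.com'],
};

function hostOf(href) {
  try { return new URL(href).hostname.toLowerCase(); } catch (e) { return ''; }
}

// True when host equals, or is a subdomain of, one of the expected hosts.
function hostMatches(host, expected) {
  return expected.some(h => host === h || host.endsWith('.' + h));
}

// Which brand does a title or favicon URL appear to claim? null if none.
function claimedBrand(text) {
  const t = (text || '').toLowerCase();
  return Object.keys(BRAND_HOSTS).find(b => t.includes(b)) || null;
}

// before/after are { title, icon, href } snapshots taken at hide and at show.
// Returns { suspicious, reasons }.
function assessTabReturn(before, after) {
  const reasons = [];
  const sameHost = hostOf(before.href) === hostOf(after.href);
  if (sameHost && before.title !== after.title) reasons.push('title changed while hidden');
  if (sameHost && before.icon !== after.icon) reasons.push('favicon changed while hidden');
  const brand = claimedBrand(after.title) || claimedBrand(after.icon);
  if (brand && !hostMatches(hostOf(after.href), BRAND_HOSTS[brand])) {
    reasons.push('looks like ' + brand + ' but host is ' + (hostOf(after.href) || 'unknown'));
  }
  // A title change alone is normal (unread counts etc.): require a brand
  // mismatch, or both title and favicon changing behind the user's back.
  const suspicious = reasons.length >= 2 || reasons.some(r => r.startsWith('looks like'));
  return { suspicious, reasons };
}

// Browser wiring (skipped outside a page): snapshot at hide, compare at show.
function snapshot(doc) {
  const link = doc.querySelector('link[rel~="icon"]');
  return { title: doc.title, icon: link ? link.href : '', href: doc.location.href };
}
if (typeof document !== 'undefined') {
  let hidden = null;
  document.addEventListener('visibilitychange', () => {
    if (document.hidden) { hidden = snapshot(document); return; }
    if (!hidden) return;
    const verdict = assessTabReturn(hidden, snapshot(document));
    if (verdict.suspicious) console.warn('Possible tabnabbing: ' + verdict.reasons.join('; '));
  });
}
```

A favicon swapped while the tab was hidden is a much rarer event on legitimate sites than a title change, so it is weighted separately from the unread-count style title updates that mail clients make all the time.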

