IT

03-04-2025

Don’t Fall for the Trap: How Tabnabbing Works.

What is Tabnabbing?

Tabnabbing is a cyberattack technique that exploits users’ habit of keeping multiple tabs open in their web browsers. Attackers manipulate inactive tabs to redirect users to fake websites that mimic legitimate pages, such as banks, social media platforms, or email services.

Keeping multiple tabs open in a browser is a very common habit, but few people realize that it can make them the perfect target for this type of attack.

How Does It Happen?

Tabnabbing does not necessarily mean that cybercriminals “hack” your computer to replace web pages. Instead, they take advantage of vulnerabilities in how web browsers work and how users interact with them.

The Tabnabbing Process:

●  Malicious Code on Websites:

Attackers insert malicious JavaScript code into websites that often appear harmless. This can happen on compromised websites, malicious ads, or even websites designed specifically for this type of attack.

●  Manipulation of the Inactive Tab:

When you visit one of these malicious websites and then switch to another tab, the JavaScript code activates. This code can silently change the content of the original tab.

Specifically, the code uses JavaScript’s “window.opener” property, a reference that lets a newly opened tab partially control the tab that opened it, for example by navigating it to a different address. Attackers exploit this to replace the original tab’s content with a fake login page.

●  Deception and Credential Theft:

When you return to the tab you thought was legitimate, you see a login page that looks identical to the original.

Without realizing it, you enter your credentials, which are then captured by the attackers.
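From the site owner's side, the “window.opener” handle described above is withheld by marking links that open a new tab with rel="noopener". The following is an added example, not part of the original newsletter: it audits and rewrites such links in a block of HTML. The function names and the sample markup are hypothetical.

```javascript
// Added example (not from the original article). Sample markup is constructed.
// Regex-based on purpose so it runs anywhere; covers <a> opening tags only.
const TAG_RE = /<a(?=[\s\/>])(?:"[^"]*"|'[^']*'|[^>"'])*>/gi;
const ATTR_RE = /\s*([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;

// Attributes of one opening <a ...> tag as a lower-cased name -> value map.
function parseAttrs(tag) {
  const attrs = {};
  for (const m of tag.slice(2, -1).matchAll(ATTR_RE)) {
    const name = m[1].toLowerCase();
    // As in HTML parsing, the first occurrence of a duplicated attribute wins.
    if (!(name in attrs)) attrs[name] = m[2] ?? m[3] ?? m[4] ?? '';
  }
  return attrs;
}

// True when a target="_blank" link does not explicitly opt out of window.opener.
// Current browsers imply noopener here; older ones do not, and rel="opener"
// turns the handle back on, so the explicit attribute is what gets checked.
function exposesOpener(tag) {
  const a = parseAttrs(tag);
  if ((a.target || '').trim().toLowerCase() !== '_blank') return false;
  const rel = (a.rel || '').toLowerCase().split(/\s+/);
  return !rel.includes('noopener') && !rel.includes('noreferrer');
}

// List every opening tag that needs attention.
function auditBlankLinks(html) {
  return (html.match(TAG_RE) || []).filter(exposesOpener);
}

// Rewrite exposed links: drop any explicit "opener" token, add "noopener".
function hardenBlankLinks(html) {
  return html.replace(TAG_RE, (tag) => {
    if (!exposesOpener(tag)) return tag;
    const kept = (parseAttrs(tag).rel || '').split(/\s+/)
      .filter((t) => t && t.toLowerCase() !== 'opener');
    const body = tag.slice(2, -1)
      .replace(ATTR_RE, (whole, name) => (name.toLowerCase() === 'rel' ? '' : whole));
    return `${tag.slice(0, 2)}${body.trimEnd()} rel="${[...kept, 'noopener'].join(' ')}">`;
  });
}

const SAMPLE = [ // constructed markup
  '<a href="https://partner.example/docs" target="_blank">Docs</a>',
  '<a href="https://partner.example/blog" target=_blank rel="nofollow opener">Blog</a>',
  '<a href="https://partner.example/help" target="_blank" rel="noopener">Help</a>',
  '<a href="/local">Local</a>',
].join('\n');
console.log(auditBlankLinks(SAMPLE), hardenBlankLinks(SAMPLE));
```

For markup that comes from untrusted sources, run the same check on a parsed DOM instead of regular expressions.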

 

How to Prevent It

  •  Close unnecessary tabs: The simplest way to prevent tabnabbing is to close tabs you are not using, especially those containing sensitive information.

  •  Check the URL: Before entering your credentials on a website, ensure the URL is correct and that the site is legitimate.

  •  Keep your software updated: Make sure your browser and operating system are up to date with the latest security patches.

  • Use strong passwords: Use unique and complex passwords for each of your accounts.

  • Be cautious with suspicious links: Avoid clicking on links in emails or messages from unknown sources.



This method is especially dangerous because it does not require users to click on a suspicious link or receive a fraudulent email, as in other phishing techniques. Simply keeping tabs open from trusted pages allows attackers to replace them without raising suspicion.

Tabnabbing is not a new method, but it is becoming increasingly relevant due to users’ bad habit of accumulating too many open tabs while browsing. Additionally, with the growing popularity of modern browsers that allow session restoration, many users open their browser and automatically recover all the tabs from their last session, which prolongs the risk of falling victim to this type of attack.

If you have any questions regarding this topic, please do not hesitate to contact us at 7078 8001 or via email at it@jebsen.com.ar.

Sincerely,

Laura Borroni

Systems Engineer

IT Department

April 2025

 

This newsletter has been prepared by Jebsen & Co. for the information of clients and friends. Although it has been prepared with the greatest care and professional diligence, Jebsen & Co. assumes no responsibility for any inaccuracies this newsletter may contain.