At first it sounded like this:<div><br></div><div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
<span class="Apple-style-span" style="font-family: arial, sans-serif; font-size: 13px; border-collapse: collapse; "> --New Twist on Phishing Targets Open Browser Tabs<br>(May 24, 25 &amp; 26, 2010)<br>A Firefox developer is warning of a new kind of phishing attack that<br>
preys on users&#39; inattention to which tabs they have open in their<br>browsers.  The attack is p<span class="Apple-style-span" style="background-color: rgb(255, 255, 255);">erpetrated by </span><span class="il" style="background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; "><span class="Apple-style-span" style="background-color: rgb(255, 255, 255);">JavaScript</span></span><span class="Apple-style-span" style="background-color: rgb(255, 255, 255);"> c</span>ode in a<br>
specially-crafted page.  When users have several tabs open and are not<br>viewing the site with the malicious code, the code surreptitiously<br>changes the destination page after several minutes of inactivity; the<br>favicon and title of the page are changed as well.  The attack can be<br>
made more personal by perusing users&#39; browsing histories and making the<br>page appear to be one that the user frequents, such as Facebook or a<br>banking login page.  When the user goes back to the tab, there is a<br>
sign-on screen asking for login credentials.  The vulnerability affects<br>all major browsers that run on Mac OS X and Windows.<br><a href="http://krebsonsecurity.com/2010/05/devious-new-phishing-tactic-targets-tabs/" target="_blank" style="color: rgb(42, 93, 176); ">http://krebsonsecurity.com/2010/05/devious-new-phishing-tactic-targets-tabs/</a><br>
<a href="http://www.theregister.co.uk/2010/05/25/tabnapping_phishing_attack/" target="_blank" style="color: rgb(42, 93, 176); ">http://www.theregister.co.uk/2010/05/25/tabnapping_phishing_attack/</a><br><a href="http://www.h-online.com/security/news/item/New-phishing-attack-exploits-tabbed-browsing-1006386.html" target="_blank" style="color: rgb(42, 93, 176); ">http://www.h-online.com/security/news/item/New-phishing-attack-exploits-tabbed-browsing-1006386.html</a><br>
<a href="http://www.computerworld.com/s/article/9177326/Sneaky_browser_tabnapping_phishing_tactic_surfaces?source=CTWNLE_nlt_pm_2010-05-25" target="_blank" style="color: rgb(42, 93, 176); ">http://www.computerworld.com/s/article/9177326/Sneaky_browser_tabnapping_phishing_tactic_surfaces?source=CTWNLE_nlt_pm_2010-05-25</a><br>
<a href="http://www.computerworld.com/s/article/9177398/How_to_foil_Web_browser_tabnapping_?taxonomyId=85" target="_blank" style="color: rgb(42, 93, 176); ">http://www.computerworld.com/s/article/9177398/How_to_foil_Web_browser_tabnapping_?taxonomyId=85</a></span></blockquote>
<br><div class="gmail_quote">On Sat, May 29, 2010 at 12:20 PM, Rev. Dan <span dir="ltr">&lt;<a href="mailto:doktahworm@gmail.com">doktahworm@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Rather, I *find* it interesting.<br>
<font color="#888888"><br>
- Dan<br>
</font><div><div></div><div class="h5"><br>
<br>
On May 29, 2010, at 11:16 AM, &quot;Rev. Dan&quot; &lt;<a href="mailto:doktahworm@gmail.com">doktahworm@gmail.com</a>&gt; wrote:<br>
<br>
&gt;&gt; technical issues involved, but I expect Paypal to use knowledgeable<br>
&gt;&gt; people.<br>
&gt;<br>
&gt; I think the usage of the word &quot;use&quot; vs. one like &quot;employ&quot; to be<br>
&gt; interesting.<br>
&gt;<br>
&gt; - Dan<br>
_______________________________________________<br>
Noisebridge-discuss mailing list<br>
<a href="mailto:Noisebridge-discuss@lists.noisebridge.net">Noisebridge-discuss@lists.noisebridge.net</a><br>
<a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss" target="_blank">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>
</div></div></blockquote></div><br></div>