New kind of phishing attack


The team behind the Firefox browser has warned users about a new kind of phishing attack.
The
new phishing attack replaces an inactive browser tab on the Firefox
browser with a malicious phishing page designed to steal user names and
passwords for e-mail and bank accounts from unsuspecting users.
Firefox creative team leader, Aza Raskin, stated that the attack, which only affects the latest version of Firefox, is easily avoidable if users are cautious and check that the URL in the browser address page is correct before proceeding to enter any details.
The new phishing attack affects an inactive tab on the browser by running malicious Javascript, replacing one page with a fake of another.
The attack relies on users thinking that they left the fake tab open without logging-in, prompting them to enter their username and password on the fake screen… “
More @ link

26 May, 2010

Source: Firefox Warns of New Phishing Scam – ITProPortal.com
Address : http://www.itproportal.com/portal/news/article/2010/5/26/firefox-warns-new-phishing-scam/
NoScript update:

“Experimental protection against Aviv Raff’s scriptless
tabnagging
variant
, by blocking refreshes triggered on unfocused untrusted tabs.”

Source: NoScript – JavaScript/Java/Flash blocker for a safer Firefox experience!
Address : http://noscript.net/?ver=1.9.9.80&prev=1.9.9.77