TechGuard Blog

Employees should Watch out for Tabnabbing

We pride ourselves on multi-tasking and taking on many roles. We often get to work and start the day by opening various tabs online so that we can seamlessly hop from one task to the next. Think about how many accounts one might log into simultaneously while working. Consequently, hackers will try to take advantage of hardworking employees through the method of "tabnabbing".

What is Tabnabbing?

According to Wikipedia, "tabnabbing" is a computer exploit and phishing attack. It persuades users to submit their login details and passwords to popular websites by impersonating those sites and convincing the user that the site is genuine. The attack's name was coined in early 2010 by Aza Raskin, a security researcher and design expert."

How to Reduce the Risk

  • Close a tab when you finish using a website.
  • Use two-factor authentication to log into accounts.
  • Check the URL to make sure you're on the real website.
  • If you are timed out of your account and asked to log back in, close the tab. Then, go to the actual website again to log in.

Would your Employees Fall for Tabnabbing?

Many would like to think that their employees would recognize the attempt. In this fast-paced world with multiple project deadlines, it could be easy to fall prey to a hacker. If a hacker gains an employee's email credentials, imagine all the passwords that could change as a result of a cybercriminal having email access. Think about the ramifications of having a banking account log in credentials hacked or the credentials hacked to a website software company.

Test Your Employees

Also, consider using a phishing simulator to help educate your employees to recognize a hacking attempt. It only takes one user making the mistake of re-entering log in credentials on a malicious site for a cybercriminal to gain access to and exploit your data costing you millions of dollars and the trust of your customers. In addition, TechGuard's phishing simulator delivers real-world scenarios to reinforce learning, remediate behaviors, and prevent attacks. 

Check out our other blogs on Physical Security:

What is IT Security worth without Physical Security?                               Create a Top-Down Culture

Your #1 Security Threat - Well-Intended Employees                                  The Threat Within

USB Drops: Would your Employees Take the Bait?                                     Social Engineering Takes on Many Shapes

Top 5 Security Awareness Training Topics                                                    Insider Threats are Weakening Your Physical Security

Poisoning the Water Cooler                                                                              

Written by Michelle Stamps

Michelle has over 10 years of experience in marketing and business development across various industries including government and non-profit. Her background in writing, facilitating presentations and event planning allows her to use her creative skill-set and her relationship building skills strengthens her ability to understand the human element role in cybersecurity and to support positive behavior change. Whether she is out in the community, blogging or developing the next social post for TechGuard, she believes in telling the company’s story and uses relatable, real-life examples to connect with our clients. If you know Michelle outside of work, you would know that she loves sunny days and tropical places.