Tabnabbing
Overview of the Vulnerability
Tabnabbing is a type of phishing attack that tricks users into entering their username and password into a carbon copy of a genuine website. When a page opens a link in a new tab or window without severing the opener relationship, JavaScript running in the newly opened page can use the window.opener reference to redirect the original tab to an attacker-controlled site that looks identical to the original, and phish credentials from the user.
Business Impact
Tabnabbing can result in reputational damage for the business, as customers' trust is negatively impacted when an attacker sends them to a phishing site to extract login credentials or coerces them into making a financial transaction.
Steps to Reproduce
Using a browser, navigate to: {{URL}}
{{action}} to navigate the user to a website in another window or tab
{{action}} to change the original website to a malicious website: {{value}}
Proof of Concept (PoC)
The screenshot below demonstrates the tabnabbing attack:
{{screenshot}}
Recommendation(s)
It is recommended best practice to implement a Cross-Origin-Opener-Policy (COOP) and a cross-origin isolation policy, so that pages opened from the site cannot retain a reference to the opening window. Any time a user is redirected from the webpage to an external site, they should first be shown a security speed bump (an interstitial warning page).
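As an added example that is not part of the original template, the following client-side audit finds links that open a new browsing context while leaving window.opener reachable, hardens them with rel="noopener noreferrer", and wraps window.open so the opener reference is severed. The link objects and the window object passed to safeOpen are assumed stand-ins for DOM anchors and the browser window.

```javascript
// Added example: audit and harden target="_blank" links against reverse tabnabbing.
const NOOPENER_TOKENS = ['noopener', 'noreferrer'];

// Split a rel attribute into a set of lowercase tokens.
function relTokens(rel) {
  return new Set((rel || '').toLowerCase().split(/\s+/).filter(Boolean));
}

// True when the link opens a new context but keeps window.opener reachable.
function isTabnabbable(link) {
  const target = (link.target || '').toLowerCase();
  if (target !== '_blank') return false; // same-tab navigation has no opener
  const rel = relTokens(link.rel);
  return !NOOPENER_TOKENS.some((t) => rel.has(t)); // noreferrer implies noopener
}

// Harden a link in place by adding the missing rel tokens; returns the new rel value.
function hardenLink(link) {
  const rel = relTokens(link.rel);
  rel.add('noopener');
  rel.add('noreferrer');
  link.rel = [...rel].join(' ');
  return link.rel;
}

// Audit an array of anchor-like objects, fixing each finding; returns the vulnerable hrefs.
function auditLinks(links) {
  const findings = [];
  for (const link of links) {
    if (isTabnabbable(link)) {
      findings.push(link.href);
      hardenLink(link);
    }
  }
  return findings;
}

// Safe replacement for window.open (assumes a window-like object is passed in).
// With the noopener feature the browser returns null; if a handle is returned anyway,
// clear its opener explicitly so the child cannot navigate this tab.
function safeOpen(win, url) {
  const child = win.open(url, '_blank', 'noopener,noreferrer');
  if (child) child.opener = null;
  return child;
}

// Constructed sample input shaped like DOM anchors (href/target/rel).
const SAMPLE_LINKS = [
  { href: 'https://partner.example/login', target: '_blank', rel: '' },
  { href: 'https://docs.example/', target: '_blank', rel: 'noopener' },
  { href: 'https://intranet.example/', target: '_self', rel: '' },
  { href: 'https://vendor.example/', target: '_blank', rel: 'nofollow' },
];
```

Modern browsers already imply noopener for target="_blank", but adding the rel tokens explicitly keeps older clients safe and makes the intent visible in the markup.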