What is a Tabnabbing Attack and How Can We Protect Ourselves

Suffering a cyber attack simply by clicking where we should not is a reality. We can pick up one of the many varieties of malware present on the Internet simply by visiting a web page or downloading a malicious file. Hackers use many types of attacks and strategies, so we must always be alert and avoid mistakes. In this article we are going to talk about what tabnabbing is, a type of attack that can occur simply by opening a link.

What is a tabnabbing attack

This is not a new attack: the problem has existed for a long time and affects all types of browsers. Of course, many of the most widely used browsers have already taken measures to avoid or reduce it.

A tabnabbing attack consists of a security problem that allows a page that we have opened through a link to change its appearance and redirect to a completely different one. It can be any website created by the attacker.

For example, we could access a news page, click a link that takes us to a section to log in to a social network, for example to comment on an article, and the site that we have opened completely changes its appearance. The victim is actually on a page maliciously configured for the attack.

It is what we could call a Phishing attack through the browser tabs. With this type of attack, called tabnabbing, the attacker gets the victim to have a page the attacker controls open, which could imitate the login page for email, social networks or any online platform.

We could also be in front of a web page that has the mission of downloading malicious software automatically. Once we have opened that site, it will automatically download a malicious file on our system.

JavaScript, the weapon for tabnabbing attacks

Now, how do attackers manage to modify these links and redirect? They do this with the injection of JavaScript code. They manage to modify a link so that it redirects to a different URL than the original one. In this way they can show any website they want, regardless of whether it is very similar to the original or is totally different.

This has led many content managers, such as WordPress, to automatically add the rel="noopener" attribute when creating a link. Its effect is that, when a link opens in a new tab, JavaScript cannot be used to redirect.

Some modern browsers even add this attribute to all the links that are opened in a new tab, regardless of their origin. This prevents tabnabbing attacks that compromise the security of users from occurring.
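
As an added example (not part of the original article), the JavaScript below audits a fragment of HTML for links that open in another tab without rel="noopener" or rel="noreferrer" and adds the attribute, which is the hardening described above. The function names and the sample markup are constructed for illustration; the regular-expression parsing is a simplification that assumes no ">" inside attribute values, and named targets are covered as well as target="_blank".

```javascript
// Added example (not from the article): audit links that open another tab and
// add rel="noopener" where neither noopener nor noreferrer is present.
// hardenLinks, parseAttrs and SAMPLE_HTML are hypothetical names; the markup is constructed.
const ANCHOR = /<a(\s[^>]*)?>/gi; // simplification: no ">" inside attribute values
const ATTR = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'<>`]+)))?/g;
// Targets that stay in the current tab or frame; any other value opens or reuses another one.
const SAME_CONTEXT = new Set(["", "_self", "_parent", "_top"]);

function parseAttrs(inner) {
  const attrs = new Map();
  for (const m of inner.replace(/\/\s*$/, "").matchAll(ATTR)) {
    const name = m[1].toLowerCase();
    // HTML keeps the first occurrence of a duplicated attribute.
    if (!attrs.has(name)) attrs.set(name, m[2] ?? m[3] ?? m[4] ?? "");
  }
  return attrs;
}

function hardenLinks(html) {
  const fixed = [];
  const out = html.replace(ANCHOR, (tag, inner = "") => {
    const attrs = parseAttrs(inner);
    const target = (attrs.get("target") ?? "").trim().toLowerCase();
    if (SAME_CONTEXT.has(target)) return tag; // does not open another tab
    const rel = (attrs.get("rel") ?? "").split(/\s+/).filter(Boolean);
    const tokens = rel.map((t) => t.toLowerCase());
    // noreferrer implies noopener, so either token leaves window.opener null.
    if (tokens.includes("noopener") || tokens.includes("noreferrer")) return tag;
    attrs.set("rel", [...rel, "noopener"].join(" "));
    fixed.push(attrs.get("href") ?? "(no href)");
    const body = [...attrs].map(([k, v]) => `${k}="${v.replace(/"/g, "&quot;")}"`);
    return `<a ${body.join(" ")}>`;
  });
  return { html: out, fixed };
}

const SAMPLE_HTML = [
  '<a href="https://news.example/story">same tab</a>',
  '<a href="https://login.example/" target="_blank">no rel</a>',
  "<a href='https://cdn.example/doc' TARGET=_blank rel=\"nofollow\">rel without noopener</a>",
  '<a href="https://safe.example/" target="_blank" rel="external NoReferrer">already safe</a>',
].join("\n");

const result = hardenLinks(SAMPLE_HTML);
console.log(result.fixed);
console.log(result.html);
```

The `fixed` list doubles as an audit report: it names every link that would have handed the opened page a reference to the tab it came from.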

How to avoid falling victim to tabnabbing attacks

We can take into account some tips to avoid being victims of tabnabbing and similar attacks that may compromise the proper functioning of our equipment and affect our security and privacy. Here are some recommendations.

Choose well which browser to use

A first tip is to choose well which browser we are going to use. We have seen that some of the most current ones already incorporate techniques to prevent tabnabbing attacks and to prevent attackers from injecting JavaScript into links.

We have many options at our disposal, but as we know, not all browsers are the same. Some are even designed to improve security and privacy when surfing the web.

Keep equipment and systems up-to-date

Another issue that we must take into account is keeping all the devices, systems and browsers that we use correctly updated. Sometimes vulnerabilities emerge that attackers can exploit to inject code and modify links, for example. Staying updated is a way to avoid being redirected to pages controlled by attackers.

Have security tools

We must also take into account the importance of having security tools. A good antivirus, for example, can prevent the entry of malware. If we are victims of a tabnabbing attack and we download a malicious file inadvertently, a security program could help protect us.

Take a good look at the links we open

Finally, something fundamental is common sense and taking a good look at the links that we are going to open. It is essential to avoid errors when browsing, such as clicking on links to unsafe sites that we cannot trust.

If we do not make mistakes, if we look closely at the URL of the site, as well as possible changes they have made, we can protect our accounts and prevent intruders who can collect information and steal passwords when browsing.