(Last Updated On: June 10, 2021)

Anti-ScamScam A Scam is a confidence trick - a crime -  is an attempt to defraud a person or group after first gaining their trust through deception. Scams or confidence tricks exploit victims using their credulity, naïveté, compassion, vanity, irresponsibility, or greed and exploiting that. Researchers have defined confidence tricks as "a distinctive species of fraudulent conduct ... intending to further voluntary exchanges that are not mutually beneficial", as they "benefit con operators ('con men' - criminals) at the expense of their victims (the 'marks')". A scam is a crime even if no money was lost. FAQ: What Is Tabnapping?


Answer:

Tabnapping is a type of phishing scamPhishing scam Scammers often use email "phishing" to hook unsuspecting fraud victims. Treat all unsolicited email and spam as suspicious: Do not open or reply. To avoid loading malicious software onto your computer or device, never click a link – even from a trusted source – unless you've verified its authenticity. Be especially wary of emails asking for emergency funds or help from friends, family and colleagues. Their email accounts may have been hacked. Scammers will also pretend to be government agencies in scam emails. that fraudsters use to get people’s personal information.

Tabnapping targets people who keep multiple tabs open in their browser, often for long periods of time. The fraudsters then use JavaScriptJavaScript JavaScript is a scripting or programming language that allows you to implement complex features on web pages, in software, and apps — every time a web page does more than just sit there and display static information for you to look at — displaying timely content updates, interactive maps, animated 2D/3D graphics, scrolling video jukeboxes, etc. — you can bet that JavaScript is probably involved. It is the third layer of the layer cake of standard web technologies, the other two are HTML and CSS. to change the contents and label of an open, but not active, tab to resemble the log-in screen of a bank, email provider or online shopping store.

When a user clicks back onto the tab to find the fake log-in screen, they assume that they have been logged out and re-enter their user information and password to log back in. When they enter these details, the personal information provided is sent straight to the fraudsters.

Fraudsters can then use this personal information to commit fraudFraud In law, fraud is intentional deception to secure unfair or unlawful gain (money or other assets), or to deprive a victim of a legal right. Fraud can violate civil law (e.g., a fraud victim may sue the fraud perpetrator to avoid the fraud or recover monetary compensation) or criminal law (e.g., a fraud perpetrator may be prosecuted and imprisoned by governmental authorities), or it may cause no loss of money, property, or legal right but still be an element of another civil or criminal wrong. The purpose of fraud may be monetary gain or other benefits, for example by obtaining a passport, travel document, or driver's license, or mortgage fraud, where the perpetrator may attempt to qualify for a mortgage by way of false statements. A fraud can also be a hoax, which is a distinct concept that involves deliberate deception without the intention of gain or of materially damaging or depriving a victim..

The url in the browser’s address bar is not necessarily altered by tabnappers, so checking the URL is the legitimate URL of the service provider is not a sufficient precautionary measure.

The fraudsters may even put an additional message on the fake log-in screen, saying that the session has timed out and the user needs to re-enter their log-in details. This is a message that appears on legitimate websites, particularly on banks, increasing the likelihood that the user thinks the log-in screen is trustworthy.

How Can Tabnapping Be Prevented?

  • Ensure anti-virusVirus A computer program that can replicate itself and spread from computer to computer or file to file. It comes to life only when you take a specific action, such as running a particular program. and anti-spywareSpyware A type of malware installed on computers or cellphones to track your actions and/or collect information without your knowledge. Some spyware can change computer settings for pharming redirection. software is up-to-date on your computer and make sure your browser’s filter is switched on and up-to-date. These measures should blockBlock Blocking is a technical action usually on social media or messaging platforms that restricts or bans another profile from seeing or communicating with your profile. To block someone on social media, you can usually go to their profile and select it from a list of options - often labeled or identified with three dots ••• malicious sites and legitimate sites that are infected with a phishing attack code.
  • If you’re unsure about whether or not a log-in screen is legitimate, close the tab down, open a new one and type in the legitimate URL of the website you want to log-in to.
  • Follow identity theftIdentity Theft Identity theft is when someone uses another person's personal identifying information, without their permission, to commit fraud or other crimes. In both the U.K. and the United States it is the theft of personally identifiable information. Identity theft deliberately uses someone else's identity as a method to gain financial advantages or obtain credit and other benefits, and perhaps to cause other person's loss. The person whose identity has been stolen may suffer adverse consequences, especially if they are falsely held responsible for the perpetrator's actions. Personally identifiable information generally includes a person's name, date of birth, social security number, driver's license number, bank account or credit card numbers, PINs, electronic signatures, fingerprints, passwords, or any other information that can be used to access a person's financial resources. crime prevention advice to stay alert to unrecognizable transactions in your name.