ActionFraud - National Fraud & Cyber Crime Reporting Centre - Call 0300 123 2040

Tabnapping is a type of phishing scam that fraudsters use to get people’s personal information.

Tabnapping targets people who keep multiple tabs open in their browser, often for long periods of time. The fraudsters then use JavaScript to change the contents and label of an open, but not active, tab to resemble the log-in screen of a bank, email provider or online shopping store.

When a user clicks back onto the tab to find the fake log-in screen, they assume that they have been logged out and re-enter their user information and password to log back in. When they enter these details, the personal information provided is sent straight to the fraudsters.

Fraudsters can then use this personal information to commit fraud.

The url in the browser’s address bar is not necessarily altered by tabnappers, so checking the url is the legitimate url of the service provider is not a sufficient precautionary measure.

The fraudsters may even put an additional message on the fake log-in screen, saying that the session has timed out and the user needs to re-enter their log-in details. This is a message that appears on legitimate websites, particularly on banks, increasing the likelihood that the user thinks the log-in screen is trustworthy.

How can tabnapping be prevented?

  • Ensure anti-virus and anti-spyware software is up-to-date on your computer and make sure your browser’s filter is switched-on and up-to-date. These measures should block malicious sites and legitimate sites that are infected with a phishing attack code.
  • If you’re unsure about whether or not a log-in screen is legitimate, close the tab down, open a new one and type in the legitimate url of the website you want to log-in to.
  • Follow identity theft crime prevention advice to stay alert to unrecognisable transactions in your name.

If fraud has been committed, report it to Action Fraud.

See also:
Online shopping fraud
Identity theft and fraud 

Related articles