With April being Digital Spring Cleaning Month, it’s a great time to learn about the tricks scammers are using to try and get your personal information. This week’s trick is known as tabnabbing.
Do you have several tabs open while working or browsing online? No problem, right? Well it could be.
How many times a day do you go to different tabs to check your bank account, credit card statement or do online shopping? Hard to guess. And now, con artists have found a way to take advantage of this practice to get you to type your username and password into a fake page: tabnabbing.
Tabnabbing is a type of phishing scam where a website you have open changes its looks to a different, but familiar, website while the open tab is inactive. Con artists hope you don’t recognize the change and enter your login credentials.
The word “tabnabbing” was coined in 2010 by Aza Raskin, a security researcher and design expert. It began with gmail being the victim of tabnabbing, but this phishing scam now can spoof any legitimate site’s login page.
This scam begins with trust, which can make it hard to detect. Modern technology allows con artists to rewrite tabs and their contents even while the tab stays inactive. Then a fake page is loaded, consumers are directed to the fake page and they enter personal information.
So, what’s the big deal if they only get the login information for email accounts? In addition to having to reset passwords and tell everyone you have been hacked, the attackers can use access to your email to change the password on other accounts, like your bank. And remember, the con artist has seen details that could possibly be used in other scams, such as your birth date, where you live, where you work, etc. It doesn’t take much nowadays for scammers to utilize your personal information for their own needs.
So what would happen if you logged into your bank account online or you check your credit card statement? If you did so using a fake web page that’s made to look like a legitimate company, then you’ve just given everything a scammer needs to access these accounts. Loss of funds, possible identity theft, charges on your credit cards could happen.
Bottom line: Before entering your credentials into a tab that you left open and seems very familiar to you, take just a second and do a double check. Ensure that it’s the true URL of the company. And remember, a good practice is to always close a tab when you are done using it.
For more trustworthy consumer tips, visit www.bbb.org.
Kelvin Collins is president/CEO of the Better Business Bureau Serving the Fall Line Corridor including 83 counties in portions of Alabama, Georgia and South Carolina. The column is provided by the local BBB and the Council of Better Business Bureaus. The BBB sets standards for ethical business behavior, monitors compliance and helps consumers identify trustworthy businesses. Questions or complaints about a company or charity should be referred to the BBB at 1-800-763-4222, www.bbb.org or by email to firstname.lastname@example.org.