Firefox Warns of New Phishing Scam

The team behind the Firefox browser has warned users about a new kind of phishing attack.

The new phishing attack replaces an inactive browser tab on the Firefox browser with a malicious phishing page designed to steal user names and passwords for e-mail and bank accounts from unsuspecting users.

Firefox creative team leader, Aza Raskin, stated that the attack, which only affects the latest version of Firefox, is easily avoidable if users are cautious and check that the URL in the browser address page is correct before proceeding to enter any details.

The new phishing attack affects an inactive tab on the browser by running malicious Javascript, replacing one page with a fake of another.

The attack relies on users thinking that they left the fake tab open without logging-in, prompting them to enter their username and password on the fake screen.

Writing on her blog, Raskin said: “As the user scans their many open tabs, the favicon and title act as a strong visual cue - memory is malleable and moldable and the user will most likely simply think they left a Gmail tab open.”