Tabnapping provides new route for scammers
It’s so easy when you’re online to browse around, opening new windows but forgetting to close the ones you’re no longer using. And it’s so easy for scammers to take advantage of that practice.
Using a new technique called “tabnapping,” identity thieves are hijacking inactive browser tabs and tricking people into giving up their login and password information, according to the Better Business Bureau.
Among those targeted are windows opened to check a bank statement, investment account or credit card record.
“This scam begins with trust, which can make it hard to detect,” the BBB said in its recent alert.
Basically, tabnapping is a phishing scam that involves scammers loading a fake webpage onto one of those opened tabs. The fake site will look similar to the original, legitimate page so that when you go back to it you likely won’t notice.
It will ask you to log in again, and once you do, you will have turned over your login and password. Now, the scammers have the tools to hack into your real accounts and steal your information, according to the BBB.
“Scammers can tabnap your online banking website, email homepage, and any other trusted websites you regularly visit,” the BBB says. “With your login and password information, scammers can steal your identity or even gain access to your bank account. Loss of funds, possible identity theft, charges on your credit cards all could happen.”
There’s an obvious way to guard against this, and that is by remembering to close a tab when you’re finished with the website you’ve been using.
Another safeguard: before entering your information on a tab you’ve left open, check the URL to make sure you have a legitimate site.
If spring-cleaning is in the cards, bundle your personal papers and bring them to an AARP-sponsored event in Santa Fe later this month for free shredding. It will be held from 10 a.m. to noon Saturday at Santa Fe Place Mall, 4250 Cerrillos Road.
A study released last week says more than half of the kid’s apps in the Google Play Store might be in violation of the Children’s Online Privacy Protection Act because of the way they track their young users.
Researchers at the International Computer Science Institute at the University of California, Berkeley, came to that conclusion after studying nearly 6,000 apps for children.
Among the potential violations: More than 1,000 of the apps collected identifying information from kids using tracking software whose terms explicitly forbid their use for children’s apps, the study found. And nearly half the apps failed to always use standard security measures to transmit sensitive data over the internet, said the study, called “Won’t Somebody Think of the Children?”
Its release comes at a time when the tech industry in under intense scrutiny for its failure to protect the privacy of its users.
News tip: The Chinese consulate will not call you on the phone.
People across the country have reported getting a call or message saying they need to pick up a package at the Chinese Consulate office. Or they’ll say you need to give them bank or credit card information to avoid being in trouble.
“Regardless of who you are or who says they’re calling, never send money to anyone who calls and asks you to send it,” the FTC says.
“And neither the real Chinese consulates, nor the Chinese Embassy, will ever call you to ask for money.”
Contact Ellen Marks at emarks@abqjournal.com or 505-8233842. To report a scam to law enforcement, call the New Mexico Consumer Protection Division toll-free at 1-844-255-9210.