How many times have you opened a tab, only to navigate away from it for a few minutes, hours, or even overnight? When you return to that tab, having to log in again isn’t unexpected. After all, who keeps track of each page’s refresh schedule and log-out timer? Not us! This type of behavior makes web pages vulnerable to tabnapping, though — and this sort of cyberattack preys on users of sites that deal with private information, such as email providers and social media portals. Tabnapping relies on a user’s trust in the websites they’re familiar with, along with their inattention to detail, especially when it comes to the tabs they have open.
Note: Sometimes you’ll see “tabnapping” written as “tabnabbing.” The term “tabnapping” is a combination of “tab” and “kidnapping.” It stands to reason that “tabnabbing” is a combination of “tab” and “nab.” Either way, they both refer to the same scheme, and in our case, we’re going with the “tabnapping” version.