PiChris - Fotolia
I heard about a phishing technique called "tabnapping." What is it, and what are the best enterprise defenses against it?
The best enterprise tabnapping defense is to keep Web browsers up to date. Using antimalware software and an antimalware network device to block malicious webpages will also help mitigate the risk of attack.
Additionally, security awareness trainings should include that employees must review the URL bar prior to entering credentials into a webpage. However, it is difficult to always check the URL bar -- especially on mobile devices -- so an enterprise may want to specifically brand its login portals to help employees quickly distinguish a legitimate login page from a malicious one.
Ask the Expert!
Perplexed about enterprise security? Send Nick Lewis your questions today! (All questions are anonymous.)
Learn how to prevent phishing attacks with social engineering tests
Don't miss the latest security awareness training tips and advice
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Nick Lewis
Cisco Talos' Thanatos ransomware decryptor can recover files affected by new ransomware that won't decrypt ransomed files even when a ransom has been... Continue Reading
A phishing campaign targeting Trezor wallets may have poisoned DNS or hijacked BGP to gain access. Learn how the attack worked and how to mitigate it... Continue Reading
Okta researchers found a bypass that allows macOS malware to pose as signed Apple files. Discover how this is possible and how to mitigate this ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.