PandaLabs Q2 report details new ‘tabnabbing’ phishing scam

- The Q2 report also reveals that 52% of new malware created in Q2 were Trojans
- Classic viruses continue their resurgence, accounting for 24.35% of new threats, more than ten points up on the previous quarter.

Online PR News – 01-July-2010 – – Taiwan, Russia and Turkey top the regional ranking of most infected computers.

PandaLabs, Panda Security’s anti-malware laboratory has published its Quarterly Report on IT Threats covering the period between April and June 2010. Among other news, it describes a new, potentially dangerous phishing technique: Tabnabbing.

Tabnabbing consists of exploiting the tab browsing system in modern browsers to make users believe they are in a familiar Web page such as Gmail, Hotmail, Facebook... and stealing their passwords.

The modus operandi is quite simple.

1. A JavaScript command is used to detect when a user is not viewing a page that they have previously opened. This code can be used to automatically rewrite the content of the page, as well as the icon and the title, spoofing the appearance of the original page.
2. Having browsed through different Web pages and opened numerous tabs, if users want to go to, say, their Gmail account, they check whether the corresponding tab is open. In this case, it is now the fake Gmail Web page. Users cannot remember when they accessed the Web page and on seeing the login form assume they opened it a long time ago and the session has expired.
3. When they enter their login credentials, the fake page stores the data and redirects users to the original page.

PandaLabs therefore advises users to close all pages that are not actively using.

Trojans once again top the rankings

In this second quarter of the year, Trojans once again represent the category of malware that has grown most, accounting for 51.78% of the total. Interestingly, traditional viruses also appear to be making a comeback in recent months and have risen 10 points over the last two quarters, now accounting for 24.35% of all new malware.

Pic available at:

The ranking of infections by region once again sees Taiwan at the top, with more than 50% of computers infected, followed by Russia and Turkey.

You can see this pic at:

Security incidents related with social networks, Black Hat SEO techniques and some of the numerous vulnerabilities discovered over the last three months are a few of the other points covered in the report which can be downloaded free from:

About PandaLabs
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.
Currently, 99.4% of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), who work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.
More information is available in the PandaLabs blog:

For more information:
Tel. +34 91 806 37 00