This is a basic demonstration of TabNapping. Everything is done locally.
- Attacker creates a malicious web page that looks genuine to the Victim.
- What the Victim doesn’t know is that the page contains malicious java script and once the victim navigates away from this page it will load the Attackers Fake Hotmail Site.
- This page and tries to convince the victim to enter their credentials.
- One the victims credentials are entered they will be sent back to the Attacker.
- This is the main concept of TabNapping: The victim could have many tabs opened and not even realize that one tab has suddenly changed.