Runnymede College, British International School Online Noticeboard

Saturday, 04 February 2012 @ 06:38 PM CET

Tabnabbing


"Tabnabbing" is the term for a new kind of attack, which can be summarized as grabbing a Web browser tab when you aren't looking and making it appear as another site.

Aza Raskin, lead designer for Firefox, created a page that illustrates this. If you open his page and then ignore it for a while (create and switch to another tab), Aza's page will turn into a lookalike for Gmail. You would then be tempted to fill in your username and password to access your account, believing that the page had timed out. The page would then save this information for whatever malicious purpose and send you to the real Gmail page, so you would not know that you had just disclosed your username and password. Aza claims this will work in "all major browsers," and it has been confirmed in Internet Explorer, Safari, Google Chrome, and Firefox.

Aza's example isn't too difficult to spot: if you look at the Address Bar you will see that the URL still points to his domain. However, he could easily redirect you to a non-Latin domain name that looks like the address of a different website, which would be harder to spot. His example takes you to a Gmail lookalike, but it could be Facebook or any other high-profile site.

What should you do to protect yourself? If you use Firefox, use the Account Manager feature, which is supposed to help protect you from this kind of attack. If you use another browser, double-check the address in the toolbar before typing in your username and password.
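The address check described above can also be written down as code. The following is an added example, not part of the original notice: the function name, the allow-list of login hosts and the sample URLs are assumptions constructed for illustration. It also covers the non-Latin lookalike case, which a URL parser exposes as an "xn--" label.

```javascript
// Added example: checkLoginUrl and EXPECTED_LOGIN_HOSTS are hypothetical names,
// and the allow-list below is a sample, not an authoritative list.
const EXPECTED_LOGIN_HOSTS = new Set(["mail.google.com", "accounts.google.com"]);

// Decide whether the text shown in the address bar is a place where
// typing a username and password is expected.
function checkLoginUrl(addressBarText, expectedHosts = EXPECTED_LOGIN_HOSTS) {
  let url;
  try {
    url = new URL(addressBarText);
  } catch {
    return { ok: false, reason: "not-a-url" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not-https", host: url.hostname };
  }
  // The parser lowercases the host, drops any "user@" prefix, and converts
  // internationalized names to ASCII, so a non-Latin lookalike becomes a
  // label starting with "xn--".
  const host = url.hostname;
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, reason: "non-latin-lookalike", host };
  }
  // Exact match only: "accounts.google.com.example.test" must not pass.
  if (!expectedHosts.has(host)) {
    return { ok: false, reason: "unexpected-host", host };
  }
  return { ok: true, reason: "expected-host", host };
}

// Constructed sample addresses; \u043e is the Cyrillic letter that looks like "o".
const SAMPLES = [
  "https://accounts.google.com/signin",
  "https://accounts.g\u043e\u043egle.com/signin",
  "https://accounts.google.com.example.test/signin",
  "https://accounts.google.com@example.test/signin",
  "http://accounts.google.com/signin",
];

function classifySamples() {
  return SAMPLES.map((s) => checkLoginUrl(s).reason);
}

console.log(classifySamples());
```
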
