Web platforms are connected through links.

Users navigate from one page to another by clicking links to contents of interest.

This enhances the user experience and impacts search engine optimization (SEO).

Woman on a laptop at home

But it all goes south when cybercriminals step on the scene.

Your reputation is at stake when people are exposed to threats on your platform.

Take control of your security by learning how reverse tabnabbing attacks work and how to prevent them.

Someone Working on a Laptop

What Is Reverse Tabnabbing?

How Does Reverse Tabnabbing Work?

Let’s play out how a typical reverse tabnabbing attack works.

Man using both a laptop and a phone

A new tab opens on your net web client upon clicking the link.

The page looks like the original page where you saw the comment.

Theres some information on the new tab.

Woman working on a laptop in bed

You read it and it pricks your curiosity.

A login interface pops up, requesting that you jump in to continue your browsing session.

You proceed to put in your login credentials and the rest is history.

How Can You Prevent Reverse Tabnabbing Attacks?

Reverse tabnabbing takes advantage of the legitimacy of an authentic web page.

As a data pipe owner, you cansecure your web browserand prevent reverse tabnabbing attacks in the following ways.

Any actions on the fake page will have no impact on your website.

If you are hosting your site on WordPress, you are covered from this attack to a large extent.

It’s a security measure that focuses on browsers with no impact on traffic.

It offers extra layers of security by blocking the new tab from seeing your identity.

That information is valuable to threat actors as they can use it to plan further attacks.

In noreferrer, theres no record or link to your website even though the traffic is generated from there.

The more you link to high-ranked sites, the higher your ranking grows.

Noreferrer nullifies all links even when you link to credible sites.

Just like the noopener attribute, noreferrer is an automatic feature on WordPress.

This automatically impacts your inbound strategy to increase your ranking by linking to authority sites.

The same thing happens when other sites link to yours.

But with unsolicited and malicious links being on your site, you don’t need to approve every link.

Threat actors also use tabnabbing to increase their ranking and traffic.

If your website ranks high in search engines, other sites you link to will benefit from its ranking.

This isolation prevents attackers from accessing the data on your own pages.