Consumer Fraud Reporting
Phishing Popups
Reporting on the Latest Frauds, Scams, Fake Lotteries, Spams and Hoaxes


Phishing Pop-ups - Fake Requests for Personal Financial Information

What are Phishing Pop-ups?

Many browsers make use of tabs and popup windows. But how do you know if the contents of a popup belong to the company identified on it? Secunia, a web security company, recently issued a security report detailing how most major web browsers with the tabbed browsing feature were susceptible to two different weaknesses that phishers are now exploiting.

Which browsers are at risk?

The browsers identified in the report were:

  • Avant Browser 9.02 build 101 and 10.0 build 029
  • Camino 0.8
  • Konqueror 3.2.2-6
  • Maxthon (MyIE2) 1.1.039
  • Mozilla 1.7.3
  • Mozilla Firefox 0.10.1
  • Netscape 7.2
  • Opera 7.54

The only platform not at risk (which is a surprise, given its past track record) is Microsoft's Internet Explorer, probably only because IE doesn't even support tabs.

How Does the Scam Work?

There are two main methods employed:

  1. A popup appears that is from a company that you have open in another tab
    You may have several tabs or windows open with several different websites; for example, PayPal, Google, and eBay. Suddenly a popup box opens that looks like it is from PayPal, and it asks you, "for verification purposes", to enter your password and your credit card information. It may not have been from PayPal at all, and you just gave the crooks your details. For an example of this, visit the demo site at Secunia using one of the browsers in the list above and follow the instructions.

    They are able to do this because the browser doesn't tell the user which tab is responsible for the popup box, and inactive tabs are allowed to spawn pop-ups.
  2. A login form or site's form appears not to be working
    You may have several tabs or windows open with several different websites; for example, PayPal, Google, and eBay. You encounter a login form on one of the sites; nothing unusual there. You type in your username and password, but nothing shows up. So, you re-enter the information. But still nothing. You may just assume that the website has temporarily stopped working, so you close the window and carry on elsewhere. But what may have happened is that everything you typed actually went into a form on a site found on one of the other open tabs. For a demo site for this, click on the link!
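
The two weaknesses above, modeled in JavaScript as an added example (not code from Secunia, this site or any browser). The class, the policy names, the origins and the typed value are constructed for illustration; the "hardened" policy is an assumed fix, shown beside the "legacy" behaviour the text describes.

```javascript
// Constructed model of tab handling; not code from any real browser.
// "legacy" reproduces both weaknesses; "hardened" is an assumed fix.
class TabbedBrowser {
  constructor(policy) {
    this.policy = policy;
    this.active = null;     // tab the user is looking at
    this.keyTarget = null;  // { tab, field } that receives keystrokes
  }
  openTab(origin) {
    const tab = { origin, fields: {} };
    this.active = tab;
    return tab;
  }
  // A script in `tab` asks the browser to show a prompt dialog.
  requestDialog(tab, message) {
    if (this.policy === "legacy") {
      // Weakness 1: shown over the active tab, with no sign of which tab sent it.
      return { shown: true, title: "", message };
    }
    if (tab !== this.active) return { shown: false, reason: "background tab" };
    return { shown: true, title: `${tab.origin} says:`, message };
  }
  // A script in `tab` asks for keyboard focus on one of its own form fields.
  requestFocus(tab, field) {
    if (tab !== this.active && this.policy !== "legacy") return false;
    // Weakness 2 (legacy only): a background tab may take the keyboard.
    tab.fields[field] = tab.fields[field] || "";
    this.keyTarget = { tab, field };
    return true;
  }
  // The user types while looking at the active tab.
  type(text) {
    if (!this.keyTarget) return null;
    const { tab, field } = this.keyTarget;
    tab.fields[field] += text;
    return tab.origin; // origin that actually received the keystrokes
  }
}

// Scenario from the text: the bank tab is active, another tab sits in the background.
function scenario(policy) {
  const b = new TabbedBrowser(policy);
  const other = b.openTab("https://other.example");
  const bank = b.openTab("https://bank.example");
  b.requestFocus(bank, "password");
  const dialog = b.requestDialog(other, "For verification purposes, enter your password");
  b.requestFocus(other, "capture");
  return { dialog, receivedBy: b.type("hunter2") };
}
```

Under "legacy" the dialog appears with an empty title and the keystrokes are received by the background origin; under "hardened" the dialog is held back and the keystrokes stay with the tab the user is looking at.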

What Can You Do to Protect Yourself from this Phishing Theft?

  • Don't use the tab feature for sites with sensitive information - Obviously, since this problem only occurs in tabbed browsers, you could avoid them... but the other browsers have different problems. Another solution is to only open sensitive websites in their own windows, not in a separate tab of an open window!
  • Another simple solution is a browser plug-in from Netcraft that displays information about the site being visited, such as its geographic location. This won't prevent the popup, but if you notice that your bank's site is being provided from Nigeria, you can assume that it is not legitimate.
  • Be suspicious if a popup asks for your personal information.
  • Act immediately if you’ve been hooked by a phisher. If you provided account numbers, PINs, or passwords to a phisher, notify the companies with whom you have the accounts right away. For information about how to put a “fraud alert” on your files at the credit reporting bureaus and other advice for ID theft victims, contact the Federal Trade Commission’s ID Theft Clearinghouse, or toll-free, 877-438-4338. The TDD number is 202-326-2502.
  • See our What to do, if you think you have been the victim of identity theft page!
  • Even if you didn’t get hooked, report phishing. Tell the company or agency that the phisher was impersonating. You can also report the problem to law enforcement agencies through the National Fraud Information Center/Internet Fraud Watch, or 800-876-7060, TDD 202-835-0778. The information you provide helps to stop identity theft.    

Reporting a Possible Phishing Attack

If you need advice about an Internet or online solicitation, or you want to report a possible scam, use the Online Reporting Form or call the NFIC hotline at 1-800-876-7060.

Copyright CFR 2005, 2006, 2007, 2008, 2009
Names used by scammers in the examples on this page and others often belong to real people and businesses who often have no knowledge of nor connection to the scammer's use of their name and information.  Sample scam emails and other documents are copies of the scam to help potential victims recognize and avoid it.  You should presume that any names used and presented here in a scam are either fictitious or used without their legitimate owner's permission.