'Tabnapping' Is a Terrifying New Phishing Attack
The attack works best against Firefox, but other browsers are not completely immune. Chrome, Safari and Internet Explorer can be made to load the fake page in the background, but the favicon and text in the tab don't always change. You can see the video of Raskin's proof of concept in action below, or you can visit his blog here. After opening his page, switch to another tab for at least five seconds. When you return you'll notice the favicon has changed, and a perfect copy of the Gmail log-in screen has replaced the post you were just reading. Terrifying.
This is just one more reason to pay extra attention to that address bar. [From: Aza Raskin, via: Krebs on Security]