When a person leaves the web page open for a long time, they get a javascript message asking them to change the page's content or click on some link that redirects the page to some bank's login screen or an eCommerce site. 

If the user clicks the tab to uncover the page or search the previous page- they may not get any, assuming they have been logged out. 

Then, they are asked to fill in the user data and password to log in to the site and re-enter information collected by scammers who create a spoofed site to get it transferred to the cheats. If you see the link carefully, you will notice the URL is different or not functioning on a secure connection. 

It is a phishing attack that manipulates inactive pages and redirects them to a duplicate page that can control the activities happening on the site. The objective is to send the victim to deceitful websites. 

They may not notice the difference between the original and the imitation site and enter secretive credentials into the registration pages. It happens when multiple tabs are opened, and the user is multitasking. In such cases, even when you do not click on the site, it may open, and you may be tempted to re-enter the details. 

How To Protect Yourself?

• Do not open multiple tabs while conducting multiple financial transactions.

• Install anti-spyware and updated apps, and always use filters to eliminate unwanted incoming links from the browsers. In addition, block malicious and illegitimate sites known for such attacks. 

• Carefully check the address bar if something appears suspicious. Always verify the site carefully before entering your details. 

• You can organise the open pages by having a window to fill in details and one for other tasks. 

• If you suspect identity theft, report it to the authorities, and remain alert of the suspicious activities on your account.