Are you a multitasking short attention spanned surfer like me? Or perhaps like the masses of web surfers it might be a good idea to un-check that java script option in your browser. A new phishing tactic is relying on your absent mindedness to gain access to your precious accounts. The phishing site appears to be harmless until it attempts to run a time delayed java script. The script alters the appearance of one of your tabbed browser screens (ie. from your gmail account login page to a fake gmail login page). Thus when you return to that tab you wrongly assume it is safe to enter in your account information.
Crafty indeed. I hardly check URLs in tabbed screens when I return to them but I certainly will from now on. This attack can be used on any website you visit so be sure to keep tabs on your tabs.