Aza Raskin found a clever way to phish users' credentials. The idea consits of waiting until a visitor switches tabs to replace the favicon and page content with a fake site.
You can try the attack by visiting http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/ . After loading the page, switch tabs for a few seconds and then go back to Aza's site.
You can avoid falling for this attack by: