Aza Raskin has discovered a new kind of phishing attack which permits to deceive the user when he navigates on the attacker's website and he determines to look a website in an other tab. Actually, it works also if the user use multiple browser windows but it's less stealthy. This attack works on all browsers (there is a little bug with the favicon on Safari).
If you want to test this you can go here or you can see his Proof of Concept in video :
Raskin's article : http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/
His Wikipedia's page : http://en.wikipedia.org/wiki/Aza_Raskin
His Twitter : http://twitter.com/azaaza
POC : http://www.azarask.in/projects/bgattack.js