session piggyback - This is where an unknown identity acts to take over a legitimate on-line session after the known identity has successfully authenticated. It can be thwarted by good application design.

Source: http://identityaccessman.blogspot.com/2006/08/identity-dictionary.html