This article talks about how there is a phishing technique a called browser in the browser (BitB) This attack is able to be exploited to simulate a browser window within the browser to spoof a legitimate domain. It then makes it possible to create a convincing phishing attack. This type of attack takes advantage of 3rd party single sign on (SSO). Normally, a pop up window will be created to complete the sign on process and the BitB creates a fabrication browser window to replicate the process. By doing this, it becomes undetectable.
https://thehackernews.com/2022/03/new-browser-in-browser-bitb-attack.html
Leave a Reply