A new phishing variant has recently been observed: the Browser in the Browser (BitB). It is an attack designed to defeat the usual detection habits by drawing a fake browser window inside a real one.
Indeed, most of the time, the victim detects a phishing login page by checking the legitimacy of the URL displayed in the browser's address bar. The Browser in the Browser bypasses this detection technique by turning it against the user. The fake window will display a legitimate address to make the user trust it.
This technique still has limitations: the fake window cannot be dragged out of the real one, it cannot be displayed in full screen, and it cannot be resized by the user.
However, the attacker can directly detect the browser used by their target and whether it is in light or dark mode. With this information, the attacker will adapt their fake window to make it more coherent.
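A defender-side triage heuristic, added here as an example and not taken from the original post: since a BitB "address bar" is just page content, it parses a page's visible text and flags any URL shown there whose host differs from the host really serving the page. The hostnames and HTML snippets are constructed for the demonstration.

```python
# Added example (not from the original post): flag a URL painted into the page
# as text that names a host other than the one actually serving the page.
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[\w.-]+(?:/[^\s\"'<>]*)?")


class _VisibleText(HTMLParser):
    """Collect text nodes, skipping the contents of <script> and <style>."""

    def __init__(self):
        super().__init__()
        self.texts, self._skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip += 1

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip and data.strip():
            self.texts.append(data.strip())


def find_spoofed_address_bars(page_url, html):
    """Return (displayed_url, displayed_host) pairs whose host differs from the
    host in page_url. Only visible text is inspected, so ordinary href links are
    not reported. A hit is a reason for a human to look, not a verdict:
    documentation pages legitimately print other sites' URLs."""
    real_host = (urlparse(page_url).hostname or "").lower()
    parser = _VisibleText()
    parser.feed(html)
    hits = []
    for text in parser.texts:
        for m in URL_RE.finditer(text):
            shown_host = (urlparse(m.group(0)).hostname or "").lower()
            if shown_host and shown_host != real_host:
                hits.append((m.group(0), shown_host))
    return hits


# Constructed sample: a page on login-portal.example.net draws a fake window
# whose painted address bar claims to be accounts.example.com.
BITB_HTML = """<html><body><div class="fake-window">
<div class="titlebar"><span class="addr">https://accounts.example.com/signin</span></div>
<iframe src="/login-form"></iframe></div></body></html>"""

# Constructed benign sample: the URL in the text matches the serving host.
BENIGN_HTML = "<p>Need help? Visit https://accounts.example.com/help</p>"
```

Run it with `find_spoofed_address_bars("https://login-portal.example.net/", BITB_HTML)`; the same page shown in the real address bar (for example https://accounts.example.com/) produces no hit.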
Against this type of attack, it is important to raise awareness so that the Browser in the Browser does not remain unknown. Train employees to check the links they receive by email and to look closely at the nature of login pop-ups.
The "classic" anti-phishing arsenal remains in place:
- Anti-phishing filter
- Web proxy
- Phishing awareness solution
In this video, you will learn:
- What is the Browser in the Browser attack?
- What does the technique of "Browser in the Browser" look like through a demonstration?
- How to prevent the Browser in the Browser?
- What improvements can be expected regarding these attacks?