
New Imperceptible Phishing Technique – Browser in the Browser (BitB)

Browser in the Browser (BitB) is a variation on traditional phishing, which many users already know how to detect.

In a Browser in the Browser attack, cybercriminals create what appears to be a pop-up from a legitimate service. Although false, it is generated within the browser itself. How? By adding to the fraudulent page a fake address bar, in the form of an image, that appears legitimate.

It's basically like when we take a screenshot of a website and, on viewing the image in our gallery, confuse it with the website itself and clumsily try to click on one of the page's controls, which clearly doesn't take us anywhere.

Only, in this case, the part where the credentials are entered is active and sends them to the cybercriminal once they have been entered; this cyber-attack is more design than technique.

How can we detect these windows if they are similar to real ones?

In order not to fall into the trap of this new technique, we must:

  1. Check that a new window has been opened on the taskbar. If not, it is a false window.
  2. Try to resize the pop-up window. If you can't, you may be facing a false window. In some, the minimize, expand, and close buttons do work, but if we minimized the pop-up, the browser window would minimize too, since the pop-up is not an independent window but sits inside the browser itself.
  3. Try to move the window. As noted in the previous point, because it is inside the browser itself, we can only move it within the browser window and not outside it, as we could with an actual window.
  4. Check that the padlock symbol is real and not an image. On a real web page, clicking the padlock will show you the SSL certificate information.
  5. Try to change the content of the address bar. This will only be possible if it is a legitimate service.
  6. And, above all, apply common sense. Carefully examining the actions we take on the web and not acting rashly is essential to avoid this type of deception. In case of doubt, it is always better to refrain from entering our data and consult a professional who can advise us.
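
The checks above work because the fake window is only page content. As an added example (not from the original article), this sketch of an automated heuristic flags a page that displays a URL for a host other than the one serving it while also asking for a password. The function names, hosts and sample markup are constructed assumptions, and an address bar drawn as an image still needs the manual checks.

```javascript
// Added illustration: in a BitB page the "address bar" is page content, so the
// URL the user reads is independent of the host that really served the page.
// Heuristic only: legitimate pages can also print foreign URLs near a login form.

// Reduce markup to the text a user would actually see.
function visibleText(html) {
  return html
    .replace(/<(script|style)\b[^>]*>[\s\S]*?<\/\1>/gi, " ") // not rendered
    .replace(/<[^>]+>/g, " ")                                 // drop tags
    .replace(/\s+/g, " ");
}

// The credential field is the one part of the fake window that is live.
function hasPasswordField(html) {
  return /<input\b[^>]*\btype\s*=\s*["']?password\b/i.test(html);
}

// Hosts of URLs that appear as visible text (not as link targets).
function displayedHosts(html) {
  const hosts = new Set();
  const re = /\bhttps?:\/\/([a-z0-9.-]+\.[a-z]{2,})/gi;
  for (const m of visibleText(html).matchAll(re)) hosts.add(m[1].toLowerCase());
  return [...hosts];
}

// realHost is the host taken from the real address bar / navigation record.
function checkPage(html, realHost) {
  const foreignHosts = displayedHosts(html).filter(
    (h) => h !== realHost.toLowerCase()
  );
  const passwordField = hasPasswordField(html);
  return { passwordField, foreignHosts, suspicious: passwordField && foreignHosts.length > 0 };
}

// Constructed sample: a styled box whose "bar" is plain text, plus a live form.
const SAMPLE_PAGE = `
<div class="win">
  <div class="bar">https://accounts.example.com/signin</div>
  <form action="/submit">
    <input type="text" name="user"><input type="password" name="pw">
  </form>
</div>`;

// Served from promo.example.net, yet it shows accounts.example.com to the user.
console.log(checkPage(SAMPLE_PAGE, "promo.example.net"));
```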