Technology

New Imperceptible Phishing Technique – Browser in the Browser (BitB)

The Browser in the Browser (BitB). This technique is a different version of the traditional phishing that many users already know how to detect. 

Using the Browser in the attack, cybercriminals create what appears to be a pop-up from a legitimate service. Although false, it has been generated safely within the Browser. How? Adding to the fraudulent page, a fake address bar in the form of an image appears legitimate.

It’s basically like when we take a screenshot of a website and, when we see the image from our gallery, we confuse it with the website itself and clumsily try to click on one of the page’s utilities, which clearly doesn’t take us anywhere. 

Only, in this case, the part in which the credentials are entered is active, sending them to the cybercriminal once they have been joined; this cyber-attack is more design than technique. 

How can we detect these windows if they are similar to real ones?

In order not to fall into the trap of this new technique, we must:

  1. Check that a new window has been opened on the taskbar. If not, it is a false window.
  2. Try to resize the pop-up window. If you can’t, you may be facing a false window. In some, the minimize, expand, and close buttons do work, but if we minimized it, the browser window would also minimize it since it is not an independent window but is within the Browser itself.
  3. Try to move the window. As we have said in the previous point, being inside the Browser itself, if we tried to move it, we could only do it inside and not outside, as in the case of an actual window.
  4. Check that the padlock symbol is real and not an image. If you do it on a dedicated web page, clicking the padlock will show you the SSL certificate information.
  5. Try to change the content of the address bar. It will only be possible if it is a legitimate service.
  6. And, above all, apply common sense. Carefully examining the movements, we make on the web and not acting rashly is essential to avoid this type of deception. In case of doubt, it is always better to refrain from entering our data and consult a professional who can advise us.
Scrollsocial

Scrollsocial covers the latest in tech, business, apps, gadgets, marketing, entertainment, and lifestyle, delivering fresh insights and updates; stay informed and inspired in today’s digital world.

Leave a Comment
Share
Published by
Scrollsocial
Tags: BitBPhishing
2 years ago

Recent Posts

Jio Cloud Gaming: Stream Games on Any Device, Now!

Jio cloud gaming is one of the newest cloud gaming platforms launched by Reliance Group.… Read More

6 hours ago

How to Choose the Best Content Creators for the Promotions?

If you have come this far, it is because you are clear that you want… Read More

3 days ago

Chrome.//net-internals/dns – Clear DNS Cache on Chrome

Before discussing chrome.//net-internals/dns, you should know about the DNS server, what DNS is, and its… Read More

1 week ago

Top Follow APK Download | Get Free Top Followers Instagram

The Instagram social media platform has become one of the famous platforms for businesses,  creators, and self-employed… Read More

1 week ago

Nilkamal Sleep – Ban, Luxury Mattress, Furniture Online

Nilkamal Sleep - Ban: Nilkamal is one of the oldest household brands; it manufactures mattresses,… Read More

1 week ago

Giva – Delhi – Nirma: Exclusive Jewellery Store in Delhi

Giva Jewellery is a leading jewellery store in Delhi and all over India; they deliver… Read More

1 week ago