Technology

New Imperceptible Phishing Technique – Browser in the Browser (BitB)

The Browser in the Browser (BitB). This technique is a different version of the traditional phishing that many users already know how to detect. 

Using the Browser in the attack, cybercriminals create what appears to be a pop-up from a legitimate service. Although false, it has been generated safely within the Browser. How? Adding to the fraudulent page, a fake address bar in the form of an image appears legitimate.

It’s basically like when we take a screenshot of a website and, when we see the image from our gallery, we confuse it with the website itself and clumsily try to click on one of the page’s utilities, which clearly doesn’t take us anywhere. 

Only, in this case, the part in which the credentials are entered is active, sending them to the cybercriminal once they have been joined; this cyber-attack is more design than technique. 

How can we detect these windows if they are similar to real ones?

In order not to fall into the trap of this new technique, we must:

  1. Check that a new window has been opened on the taskbar. If not, it is a false window.
  2. Try to resize the pop-up window. If you can’t, you may be facing a false window. In some, the minimize, expand, and close buttons do work, but if we minimized it, the browser window would also minimize it since it is not an independent window but is within the Browser itself.
  3. Try to move the window. As we have said in the previous point, being inside the Browser itself, if we tried to move it, we could only do it inside and not outside, as in the case of an actual window.
  4. Check that the padlock symbol is real and not an image. If you do it on a dedicated web page, clicking the padlock will show you the SSL certificate information.
  5. Try to change the content of the address bar. It will only be possible if it is a legitimate service.
  6. And, above all, apply common sense. Carefully examining the movements, we make on the web and not acting rashly is essential to avoid this type of deception. In case of doubt, it is always better to refrain from entering our data and consult a professional who can advise us.
Scrollsocial

Scrollsocial covers the latest in tech, business, apps, gadgets, marketing, entertainment, and lifestyle, delivering fresh insights and updates; stay informed and inspired in today’s digital world.

Leave a Comment
Share
Published by
Scrollsocial
Tags: BitBPhishing
2 years ago

Recent Posts

Nintendo Switch 2: Rumours Claim Switch 2 Arriving in 2025

Nintendo Switch 2: It's an open secret that the next generation of Nintendo's console ,… Read More

5 days ago

Top NBFCs Offering MSME Loans for Trading in 2025

Introduction India has seen MSMEs gain much importance in the last few years. MSMEs provide… Read More

1 week ago

Aarya Editz – Mobile Photo Editing Tips – Aarya Editz App

If you are in a category of photo editing or in a photography you seen… Read More

2 weeks ago

SEO Ranking Strategy: 2025 Trends

There are many SEO trends in 2025, and in this article we are here to… Read More

3 weeks ago

Why You Should Switch to a Zero Brokerage App?

Benefits of Using a Zero Brokerage App in India Investing has become increasingly popular, with… Read More

1 month ago

Tips to Improve Your LinkedIn Profile with SEO Strategy

You have a complete profile and hundreds of contacts, and you have been posting regularly… Read More

1 month ago