New Imperceptible Phishing Technique – Browser in the Browser (BitB)

Browser in the Browser (BitB) is a variation on the traditional phishing that many users already know how to detect.

In a Browser in the Browser attack, cybercriminals create what appears to be a pop-up from a legitimate service. Although false, it is generated within the browser itself. How? By adding to the fraudulent page a fake address bar, in the form of an image, that appears legitimate.

It’s basically like taking a screenshot of a website and later, on seeing the image in our gallery, mistaking it for the website itself and clumsily trying to click on one of the page’s controls, which clearly doesn’t take us anywhere.

Only, in this case, the part in which the credentials are entered is active and sends them to the cybercriminal once they have been entered. This cyber-attack is more design than technique.

How can we detect these windows if they are similar to real ones?

To avoid falling into the trap of this new technique, we must:

  1. Check that a new window has been opened on the taskbar. If not, it is a false window.
  2. Try to resize the pop-up window. If you can’t, you may be facing a false window. In some, the minimize, expand, and close buttons do work, but minimizing it would also minimize the browser window, since it is not an independent window but sits within the browser itself.
  3. Try to move the window. As noted in the previous point, because it sits inside the browser itself, it can only be moved within the browser window and not outside it, as an actual window could.
  4. Check that the padlock symbol is real and not an image. On a real web page, clicking the padlock will show you the SSL certificate information.
  5. Try to change the content of the address bar. It will only be possible if it is a legitimate service.
  6. And, above all, apply common sense. Carefully examining what we do on the web and not acting rashly is essential to avoid this type of deception. In case of doubt, it is always better to refrain from entering our data and consult a professional who can advise us.
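
The checks above are manual, but the structure described earlier (a pop-up that is really page content, with an image standing in for the address bar and a live credential field) can also be looked for in saved page markup. The following is an added example, not code from the original article; the heuristic, the names BitBScanner and scan, and the sample markup are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

VOID = {"img", "input", "br", "hr", "meta", "link", "source", "wbr"}
# Assumed heuristic: only inline styles are inspected, not stylesheet rules.
OVERLAY = re.compile(r"position\s*:\s*(fixed|absolute)", re.I)

class BitBScanner(HTMLParser):
    """Flags overlay containers holding both an image and a password field."""
    def __init__(self):
        super().__init__()
        self.stack = []      # currently open elements
        self.findings = []   # ids of suspicious overlay containers

    def _mark(self, key):
        for elem in self.stack:          # every open ancestor contains it
            elem[key] = True

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "img":
            self._mark("img")
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self._mark("pwd")
        if tag not in VOID:
            self.stack.append({"tag": tag, "id": a.get("id") or "(no id)",
                               "overlay": bool(OVERLAY.search(a.get("style") or "")),
                               "img": False, "pwd": False})

    def handle_endtag(self, tag):
        if tag in VOID or all(e["tag"] != tag for e in self.stack):
            return                       # void or stray end tag
        while self.stack:
            elem = self.stack.pop()
            if elem["overlay"] and elem["img"] and elem["pwd"]:
                self.findings.append(elem["id"])
            if elem["tag"] == tag:
                break

def scan(html):
    parser = BitBScanner()
    parser.feed(html)
    while parser.stack:                  # close elements left open at EOF
        parser.handle_endtag(parser.stack[-1]["tag"])
    return parser.findings

# Constructed sample markup, not taken from any real site.
SUSPECT = ('<div id="login-popup" style="position: fixed; top: 80px">'
           '<img src="bar.png"><form><input type="password"></form></div>')
```

A hit only means the page draws a floating box containing an image and a password field, so it is a prompt to apply the manual checks above, not a verdict.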