Latest News
Browser In The Browser (BITB) Attack makes phishing site difficult to detect
Browser In The Browser (BITB) Attack technique simulates a browser window within a browser to spoof a legitimate domain. An attacker can use this Browser in the Browser technique to gather user credentials by creating a login page that seems similar to Google, Microsoft, Apple, etc. Replicating the entire browser window in a Pop-Up window with an iframe pointing to the malicious server hosting the phishing page makes it indistinguishable between the original and fake window by just looking into the URL. But the target user would still need to land on an attacker-owned website for the pop-up window to be displayed.
