HTML phishing attachment with browser-in-the-browser technique, (Thu, Feb 16th)

Although the browser-in-the-browser (BitB) technique has been with us for a while now[1], it is far from what one might call ubiquitous. Simply put, the technique is based on displaying a simulated browser pop-up window (usually a login prompt) within the confines of an HTML page opened in a browser. The simulated pop-up may look almost indistinguishable from a real browser window and since it may contain an arbitrary URL in the simulated address bar, the use of the BitB …

attachment bitb browser browser-in-the-browser call html login may phishing pop url