A new UI redressing technique, known as Browser In The Browser (BITB), has given phishing a shot in the arm by making such attacks nearly undetectable by design. The method steals login credentials by presenting a realistic replica of the third-party SSO login pop-up that a website’s login page normally opens (Instagram, Facebook, Twitter etc.). For instance, if a user signs into a website via Google, the BITB attacker spoofs Google’s authentication window to trick the user into entering their credentials.
According to the pseudonymous cybersecurity researcher mr.dox, BITB attacks are carried out by faithfully replicating the pop-up window’s design with HTML/CSS, including an address bar that displays a trusted URL domain. The fabricated window is then combined with an iframe that points to a malicious server hosting the phishing page.
The article also points to a GitHub link containing templates of fake login windows, for browsers on Windows and macOS, that mr.dox created for testing purposes.