Passwords and other sensitive information can now be easily obtained using a variety of phishing methods. However, a new phishing tactic known as the BitB attack has recently been uncovered, and it is so perfectly crafted that most people would fall for it.
This method entails creating a bogus pop-up login window that displays on a website. By combining HTML with CSS, threat actors create a bogus pop-up login window that appears on a web page. Threat actors integrate an iframe pointing to a malicious server. This server hosts the phishing web page into the browser’s window design, ensuring that the server remains undetectable.
This new phishing technique was discovered by a cybersecurity analyst known as mrd0x.