Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

BitB Attack Makes Phishing Nearly Invisible

March 22, 2022

Another day, another security headache. Normally, you would assume a website was safe if it was encrypted, with “https” in the URL. Not so fast. Threatpost reports that a Browser-in-a-Browser (BitB) attack is very successful at phishing your Google, Facebook, Microsoft, etc. credentials. First off, even though https indicates an encrypted connection, it doesn’t mean the site is safe. There are several free certificate authorities (e.g. Let’s Encrypt) where a cybercriminal can get a valid digital certificate and set up an encrypted website at no cost. The BitB attack pops up an SSO (Single Sign-On) window prompting for your Google, Facebook, Microsoft, etc. logon credentials. We’ve all seen these SSO popups before. The problem here is that the BitB SSO window is fake, a lookalike drawn by the phishing page itself rather than a real browser popup, and it gets you to give up your logon credentials.

As the post states, “The BitB attack can also flummox those who use the trick of hovering over a URL to figure out if it’s legitimate.” In other words, just because you hover the mouse cursor over a URL doesn’t mean the displayed destination is accurate. The page’s code can show a destination URL that appears to lead somewhere safe even though the actual destination is a malicious site.
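As an added example (not code from this post or from Threatpost), here is a small link audit that looks for the pattern just described: the destination a user reads in the link text or hover target differs from where a click really goes. The page origin, the link records and the handler strings are all constructed for the demonstration; the host name attacker.example is a placeholder.

```javascript
// Added example, not code from the blog post or from Threatpost.
// Audits a list of hyperlinks for the "hover shows one place, click goes
// elsewhere" pattern. The link records below are constructed; in a browser
// you would build them from document.querySelectorAll('a').

// Assumed origin of the page being audited (placeholder, not a real site).
const PAGE_URL = 'https://attacker.example/login';

// Resolve an href (possibly relative) against the page and return its host.
function hostOf(href, base) {
  try {
    return new URL(href, base).hostname.toLowerCase();
  } catch {
    return null; // unparsable href: treated as "unknown", not as a finding
  }
}

// True when the visible link text is itself a URL or bare hostname.
function looksLikeUrl(text) {
  return /^(https?:\/\/)?[a-z0-9-]+(\.[a-z0-9-]+)+(\/\S*)?$/i.test(text.trim());
}

// Each heuristic returns a finding string, or null when the link is clean.
const CHECKS = [
  // 1. Scheme that runs code instead of navigating; hovering shows nothing useful.
  (l) => (/^\s*(javascript|data):/i.test(l.href) ? 'href uses javascript:/data: scheme' : null),

  // 2. Visible text is a URL, but its host is not where the href actually goes.
  (l, base) => {
    if (!looksLikeUrl(l.text)) return null;
    const t = l.text.trim();
    const shown = hostOf(/^https?:\/\//i.test(t) ? t : 'https://' + t);
    const real = hostOf(l.href, base);
    return shown && real && shown !== real
      ? `text shows ${shown} but href resolves to ${real}`
      : null;
  },

  // 3. Inline handler that changes the destination at click time, i.e. after
  //    the user has already read the hover target.
  (l) => {
    const src = `${l.onclick || ''} ${l.onmousedown || ''}`;
    return /\b(location|\.href)\s*=[^=]|window\.open\s*\(/.test(src)
      ? 'click/mousedown handler rewrites the destination'
      : null;
  },
];

// Run every check over every link; report only links with at least one finding.
function auditLinks(links, base = PAGE_URL) {
  const report = [];
  links.forEach((link, i) => {
    const findings = CHECKS.map((check) => check(link, base)).filter(Boolean);
    if (findings.length) report.push({ index: i, href: link.href, findings });
  });
  return report;
}

// Constructed sample: one honest SSO link and three that a hover check misses.
const SAMPLE_LINKS = [
  { text: 'https://accounts.google.com', href: 'https://accounts.google.com/' },
  { text: 'https://accounts.google.com', href: '/sso/google' },
  { text: 'Sign in with Microsoft', href: 'https://login.microsoftonline.com/',
    onmousedown: "this.href='/sso/microsoft'" },
  { text: 'Continue', href: 'javascript:void(0)', onclick: 'showLogin()' },
];

console.log(JSON.stringify(auditLinks(SAMPLE_LINKS), null, 2));
```

These are heuristics, not proof: a link with no finding can still be hostile, and the fake BitB window itself is ordinary page content, so the check that matters most for a user is whether the “popup” can be dragged outside the browser window (a real one can, an in-page imitation cannot). A password manager that autofills only on the real origin, or a FIDO2 security key bound to the origin, will not hand credentials to a lookalike window on a different domain.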

Perhaps the message is to avoid SSO logins to begin with?

Email:   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com