Download Certificate- CMOs | ECIO | Most Admired Brand | Most Trusted Company

The BITB attack makes phishing almost undetectable


By MYBRANDBOOK


The BITB attack makes phishing almost undetectable

An unfamiliar phishing technique called browser-in-the-browser (BitB) attack can be exploited to imitate a browser window within the browser in order to trick a legitimate domain, thereby making it possible to stage convincing phishing attacks.

 

In early 2020, a campaign that leveraged the BitB trick to siphon credentials for video game digital distribution service Steam by means of fake Counter-Strike: Global Offensive websites was discovered.

 

According to penetration testers and security researchers, the method takes advantage of third-party single sign-on (SSO) options embedded on websites such as "Sign in with Google" (or Facebook, Apple, or Microsoft).

 

While the default behavior is to be greeted by a pop-up window to complete the authentication process when a user attempts to sign in via these methods, the BitB attack aims to replicate this entire process using a mix of HTML and CSS code to create an entirely fabricated browser window.

 

Potential victims need to be redirected to a phishing domain that can display such a fake authentication window for credential harvesting, while this method significantly makes it easier to mount effective social engineering campaigns.

 

Normally, the measures taken by a user to detect a phishing site include checking to see if the URL is legitimate, whether the website is using HTTPS, and whether there is any kind of homograph in the domain, among others. In this case, everything looks fine as the domain is steamcommunity[.]com, which is legitimate and is using HTTPS. But when it is tried to drag this prompt from the currently used window, it disappears beyond the edge of the window as it is not a legitimate browser pop-up and is created using HTML in the current window.
 BREAKING NEWS  BREAKING NEWS
Apple in talks to include OpenAI's generative AI tech in upcoming

Apple in talks to include OpenAI's generative AI tech in upcoming...

Apple has renewed talks with Sam Altman-led OpenAI about using its gener...

RBI criticizes TalkCharge and warns users for operating unauthori

RBI criticizes TalkCharge and warns users for operating unauthori...

Recently, the Reserve Bank of India warned the public about the risks reg...

Telecom players request Government to address revenue sharing mod

Telecom players request Government to address revenue sharing mod...

Telecom operators Bharti Airtel, Reliance Jio and Vodafone Idea repres...

Dell Technologies and Alienware unveil the new Alienware x16 R2 i

Dell Technologies and Alienware unveil the new Alienware x16 R2 i...

Dell Technologies and Alienware have launched the new Alienware x16 R2 in...

 TECHNO TRENDS  Placeholder image
Google Pay has added

Google Pay has added "Open Wallet" shortcut

With the introduction of the "Open Wallet" shortcut, Google Pay has impro...

TRAI targets to finalise National Broadcast Policy by May-end

TRAI targets to finalise National Broadcast Policy by May-end

The Telecom Regulatory Authority of India will finalise the National Broa...

TAC Security becomes Cyber Security Assessor for the App Defen

TAC Security becomes Cyber Security Assessor for the App Defen

The cybersecurity company, TAC Security has been selected as a key Cyber ...

InterGlobe’s Rahul Bhatia and C.P. Gurnani together announce

InterGlobe’s Rahul Bhatia and C.P. Gurnani together announce

In a move that is set to transform the AI landscape, Rahul Bhatia, Group M...

 E-Magazine 
 TECHNOTAINMENT  Placeholder image
ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

Salman Khan trolled for singing with B Praak at Anant Ambani's

Salman Khan trolled for singing with B Praak at Anant Ambani's

To celebrate Mukesh Ambani's youngest son Anant Ambani’s 29th birthday

Disney+ Hotstar wins the Best OTT Platform of the year

Disney+ Hotstar wins the Best OTT Platform of the year

Film Critics Guild and Group M Motion Entertainment, in collaboration with

 MOVERS & SHAKERS  Placeholder image
Amagi names its Chief Product Officer

Amagi names its Chief Product Officer

Nium Appoints Alexandra Johnson appoints as Chief Payments Off

Nium Appoints Alexandra Johnson appoints as Chief Payments Off

Nium, the leader in real-time cross-border payments, today announced the ap
SISL elevates Ankita Wadhawan as CEO—End User Computing

SISL elevates Ankita Wadhawan as CEO—End User Computing

The IT service provider, SISL in a LinkedIn post announced the elevation

 OPEN YOUR EYES  Placeholder image

Ragnar Locker Hides in Virtual Machine to Escape from antivirus software
Newer Technology Solutions To Ensure Business Continuity During COVID-19
The disruption in the technology demands to ensure business continuity
Big Data and Cyber Security Brings Newer Challenges for WFH
On the technology aspect Remote Work, is now the buzz word in the Industry
 INTERVIEWS  Placeholder image
HPE’s transformation into an edge-to-cloud company is its un

HPE’s transformation into an edge-to-cloud company is its un

Check Point takes pride in providing customers with the best c

Check Point takes pride in providing customers with the best c

Check Point has categorized its 80 products and technologies into four main
Forcepoint positions itself as a trusted protector of sensitiv

Forcepoint positions itself as a trusted protector of sensitiv

To help SMEs and SMBs use the SASE/SSE framework and scale both in terms of
 HOT PICK  Placeholder image
COLORFUL rolls out an array of gaming laptops

COLORFUL rolls out an array of gaming laptops

Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies has launched the broadest portfolio of commercial AI lap
Canon India Introduces 4K Remote PTZ Camera Controller & 4K In

Canon India Introduces 4K Remote PTZ Camera Controller & 4K In

Canon India, a leading company in digital imaging solutions, further solidi
 MAKE IN INDIA BRANDS   Placeholder image
DELL TECHNOLOGIES INDIA PVT. LTD.  

DELL TECHNOLOGIES INDIA PVT. LTD.  


HP INDIA SALES PVT. LTD.  

HP INDIA SALES PVT. LTD.  


MICROMAX INFORMATICS LTD. 

MICROMAX INFORMATICS LTD. 


ATRIE TECHNOLOGY PVT. LTD.

ATRIE TECHNOLOGY PVT. LTD.


 EMINENT CIO'S OF INDIA  EMINENT CIO'S OF INDIA

Digitalization and digitization: The only way to move forward for Enterprises

While we end up deploying multiple tools and defin...

Digital Technologies playing a significant role in meeting the business objectives

In current times, cyber resilience is equal to bus...

Securing and improving the security postures from leading security breaches

We are pioneers in cybersecurity with a track reco...

 ICONS OF INDIA  Placeholder image

Technology Icons Of India 2023: Ashish Kumar Chauhan

Ashish works as the CEO of the National Stock Exchange (NSE). He is al...

Technology Icons Of India 2023: Som Satsangi

With more than three decades in the IT Sector, Som is responsible for ...

Technology Icons Of India 2023: B.V.R. Subrahmanyam

B.V.R. Subrahmanyam belongs to Andhra Pradesh. He is a 1987-batch IAS ...

 PARTNER SPEAKERS  EMINENT CIO'S OF INDIA

Transforming Distribution in the digital era!

In today’s dynamic marketplace, coupled with the expanded scope and complexi...

Symmetrix Empowering Collaboration between OEMs, Customers, and SMEs for Seamless Project Execution and Growth

A robust support system exists that fosters seamless communication and collabo...

Creating a valuable and profitable long term business relationship to scale business growth

iValue is the center of the ecosystem, where it connects its channel partners ...

 PSU  Placeholder image

Leading company into fertilizers in the country 

NFL is a dynamic organization committed to serve the farming community...

New defence PSUs will help India become self-reliant 

MIL, India’s biggest manufacturer and market leader is engaged in Pr...

GSTN aims to integrate indirect tax ecosystem on a shared IT infrastructure  

Goods and Services Tax Network (GSTN) has built Indirect Taxation plat...

 VIDEOS  Placeholder image

 Top 25 Brands  Solution partners

Most Trusted Brands 2023 : Apple India Pvt. Ltd.

Apple’s brand awareness is among the top of all other global tech companies....

Most Trusted Brands 2023 : IBM India Pvt. Ltd.

One of the world’s oldest and largest technology companies, IBM is credited ...

Most Trusted Brands 2023 : Reliance Jio Infocomm Limited  

Jio’s vision is to transform India with the power of digital revolution, to...

 Value-Added Distribution  Value-Added Distribution

SATCOM INFOTECH PVT. LTD.

Satcom Infotech Pvt. Ltd is a distribution houses in security in India...

FORTUNE MARKETING PVT. LTD.

Delhi based Fortune Marketing, An ISO 9001:2008 company, distributes ...

ACCERON INFOSOL PVT. LTD.

It is a leading value added distributor in the IT security space and h...

 ITFORUM 2024  
 WIITF 2024  
   
 CMO of the Year   Placeholder image
 WOMEN LEADERSHIP  Placeholder image
 EMINENT CIO's OF INDIA   Placeholder image
 TRENDS IN TECHNOLOGY  Placeholder image
MORE VIDEOS  Placeholder image
Brand Book
Brand Book
Brand Book
Brand Book
 ADVERTISEMENTS  Placeholder image
 TECHNOLOGY DISRUPTION Placeholder image

Social media marketing plays a critical role

Social media marketing plays a critical role

TeamViewer digitalizes warehouse operations at GlobalFoundries

TeamViewer digitalizes warehouse operations at GlobalFoundries

Fulcrum Digital plans to hire over 750 digital technology specialists in 2021

Fulcrum Digital plans to hire over 750 digital technology specialists in 2021

AWS Announces Availability of Amazon WorkSpaces in Mumbai

AWS Announces Availability of Amazon WorkSpaces in Mumbai

 UNICORNS REVOLUTIONISING Placeholder image

Lenskart Solutions Private Limited

Lenskart Solutions Private Limited

Builder.ai

Builder.ai

Chargebee Technologies Private Limited

Chargebee Technologies Private Limited

Dreamplug Technologies Private Limited

Dreamplug Technologies Private Limited


Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org
ADMIRED BRANDS

AFTER MARKET SERVICES

CATEGORIES

DISTRIBUTORS & VADs
GOVERNMENT BODIES

INDUSTRY BODIES

MAKE IN INDIA

CONTACT US

SUBSCRIBE NOW