< ciso brief />

All news with the "#browser in the browser" tag

6 articles

Browser-in-the-Browser Phishing Now Used Against Facebook

🔒 Browser-in-the-browser (BitB) phishing renders convincing fake login pop-ups inside malicious pages, and Kaspersky reports attackers are now using this technique in real campaigns to steal Facebook credentials. Threat actors create counterfeit authentication dialogs and even fake address bars so visual inspection is unreliable. Use a password manager — it checks the actual origin before auto-filling — and enable 2FA, adopt passkeys, and use unique passwords to reduce risk.

Phishing Uses Browser-in-the-Browser to Steal Facebook

🔒 Cybercriminals are increasingly using browser-in-the-browser (BitB) attacks to harvest Facebook credentials, researchers at Trellix report. Attackers distribute phishing emails with spoofed, shortened links and present a fake in-browser pop-up that mimics the Facebook login — even hardcoding the real Facebook URL and displaying a bogus CAPTCHA to boost credibility. Victims are prompted for personal details and then asked to confirm their password; enabling two-factor authentication and avoiding embedded links can mitigate these scams.

Facebook Login Thieves Adopt Browser-in-Browser Trick

🔐 Over the past six months, threat actors have increasingly used the Browser-in-the-Browser (BitB) technique to harvest Facebook credentials, according to Trellix. Attacks display realistic fake login pop-ups implemented with iframes and often leverage URL shorteners and reputable cloud hosts like Netlify and Vercel to evade detection. Campaigns impersonate law firms, copyright notices, and Meta security alerts, adding counterfeit CAPTCHA pages to increase legitimacy. To reduce risk, avoid embedded links, enable two-factor authentication, and verify whether login windows can be dragged outside the browser to detect BitB.

Sneaky2FA Adds Browser-in-the-Browser to Phishing Kits

🛡️ Researchers report that the Sneaky2FA phishing-as-a-service kit now includes browser-in-the-browser (BitB) functionality that lets attackers embed a fake browser window with a customizable URL bar to mimic legitimate sites such as Microsoft. The iframe-backed pop-up captures credentials and MFA codes in real time, enabling attackers to hijack active sessions. This change lowers the skill threshold for criminals and undermines many signature-based defenses, prompting calls for updated training and stronger browser configurations.

Sneaky2FA PhaaS Adds Browser-in-the-Browser Deception

🔒 Sneaky2FA has integrated a Browser-in-the-Browser (BitB) pop-up that impersonates Microsoft sign-in windows and adapts to the victim’s OS and browser. Used alongside its existing SVG-based and attacker-in-the-middle (AitM) proxying, the BitB layer renders a fake URL bar and loads a reverse-proxy Microsoft login to capture credentials and active session tokens, enabling access even when 2FA is active. The kit also employs heavy obfuscation and conditional loading to evade analysis.

Sneaky 2FA Kit Adds BitB Pop-ups That Mimic Address Bar

🔒 Push Security says the Sneaky 2FA Phishing-as-a-Service kit now leverages Browser-in-the-Browser (BitB) pop-ups to impersonate Microsoft login pages and conceal malicious URLs. Victims first pass a Cloudflare Turnstile bot check before a fake "Sign in with Microsoft" flow is loaded in an embedded BitB window that exfiltrates credentials and session data. The campaign pairs conditional loading, developer‑tool blocking, obfuscation, and rapid domain rotation; organizations should tighten conditional access and users should avoid unknown links and browser extensions.