There is a new phishing technique called BITB, short for Browser In The Browser, which has spread quickly among developers and security researchers because of its novel approach. It simulates a browser pop-up window inside the web page itself in order to spoof a legitimate domain.
Published by mr.d0x on his blog, this simple technique can be a very effective tool in a phishing attack. You can read the original write-up on his blog.
BITB phishing in simple words
Put simply, the BITB technique draws a fake pop-up window that looks exactly like the real sign-in window of Google, Facebook, Apple, etc., so that you type your login credentials straight into a page controlled by the attackers.
We often use Google, Microsoft, Apple, Facebook, etc. (via OAuth / single sign-on) to sign up for and log in to other websites.
The example image below shows the Canva sign-up/login page, where we can sign in with our Apple, Facebook, or Google account.
One common way to detect a phishing site is to check the URL in the address bar and confirm that it belongs to the legitimate website. The BITB technique is built to defeat exactly this check.
mr.d0x's BITB technique fakes the URL shown in a pop-up login window. The entire pop-up (title bar, padlock icon, address bar and the URL displayed in it) is replicated with basic HTML/CSS inside the attacker's page, and the body of that fake window is an iframe pointing at the attacker's server hosting the phishing page. Because the "address bar" is just rendered HTML, it can display any URL the attacker chooses; only the real browser address bar of the parent page still shows the attacker's domain.
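The structure just described, as an added example that is not part of the original post or of mr.d0x's published templates: `buildFakeWindow` models the anatomy of a BITB window (HTML/CSS chrome with a spoofed address bar wrapping an iframe), and `findSpoofedFrames` runs the "does the displayed URL match where the content really comes from?" check over that markup. The hostnames (`accounts.example.com` as the impersonated identity provider, `login-portal.attacker.example` as the phishing host) are constructed placeholders, and the origin-mismatch check is a simple regex-based illustration rather than a complete detector.

```javascript
// Added example, not mr.d0x's code: models the BITB anatomy the article describes
// (an HTML/CSS "window" with a fake address bar wrapping an <iframe>) and runs a
// displayed-URL-versus-real-origin check over it. All hostnames are constructed.

// Minimal HTML escaping so the sample markup stays well-formed.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Undo escapeHtml for attribute values read back out of the markup (&amp; last,
// so that "&amp;lt;" decodes to "&lt;" and not to "<").
function decodeEntities(s) {
  return s.replace(/&lt;/g, '<').replace(/&gt;/g, '>')
          .replace(/&quot;/g, '"').replace(/&#39;/g, "'").replace(/&amp;/g, '&');
}

// Anatomy of a BITB window: a positioned <div> drawn to look like a browser
// pop-up (title bar, padlock, address bar showing the *spoofed* URL) wrapping
// an <iframe> whose src is the attacker-controlled phishing page. The address
// bar is plain text, so it can "show" any URL regardless of the iframe's origin.
function buildFakeWindow({ title, displayedUrl, iframeSrc }) {
  return [
    '<div class="win" style="position:absolute;top:120px;left:240px;width:480px;background:#fff;border:1px solid #999">',
    `  <div class="titlebar">${escapeHtml(title)}</div>`,
    `  <div class="addressbar">&#128274; ${escapeHtml(displayedUrl)}</div>`,
    `  <iframe src="${escapeHtml(iframeSrc)}" style="width:100%;height:520px;border:0"></iframe>`,
    '</div>',
  ].join('\n');
}

// Detection heuristic (illustrative, regex-based): collect the origin of every
// <iframe src>, then find absolute URLs rendered as *text* between tags. A text
// URL whose origin differs from an iframe's real origin is decoration, not a
// live address bar.
function findSpoofedFrames(html) {
  const iframeOrigins = [];
  for (const m of html.matchAll(/<iframe\b[^>]*\bsrc="([^"]*)"/gi)) {
    try { iframeOrigins.push(new URL(decodeEntities(m[1])).origin); }
    catch { /* relative or malformed src: nothing to compare against */ }
  }
  const findings = [];
  // '>' followed by non-tag text up to a URL: matches text content, not attributes.
  for (const m of html.matchAll(/>[^<]*?(https?:\/\/[^\s<"']+)/gi)) {
    let shownOrigin;
    try { shownOrigin = new URL(m[1]).origin; } catch { continue; }
    for (const actual of iframeOrigins) {
      if (actual !== shownOrigin) findings.push({ shown: shownOrigin, actual });
    }
  }
  return findings;
}

// Constructed sample: the window claims to be the identity provider's sign-in
// page, but its content is loaded from the attacker's host.
const SAMPLE_BITB = buildFakeWindow({
  title: 'Sign in - Example Accounts',
  displayedUrl: 'https://accounts.example.com/signin',
  iframeSrc: 'https://login-portal.attacker.example/signin.html',
});

console.log(findSpoofedFrames(SAMPLE_BITB));
// → [ { shown: 'https://accounts.example.com', actual: 'https://login-portal.attacker.example' } ]
```

In a live page the same comparison is made by reading `iframe.src` from the DOM and comparing its origin with the text the fake address bar displays; whatever that text says, the parent page's real address bar still shows the attacker's domain, which the fake window cannot alter.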
The image below shows the fake window compared with the real window. Very few people would notice the slight differences between the two.
The accompanying YouTube video shows how this technique is put together in a phishing page.
This phishing technique can easily harvest your Google, Facebook or Apple login credentials.
Imagine you come across a website (the phishing site) that promises free products; to claim them you are asked to sign in with your Google, Facebook or Apple ID, and you type your email and password into the pop-up. Those credentials go straight to the attackers, who can then misuse them as they please.
How to detect BITB phishing
There are a few ways to tell a BITB window from a real pop-up. Here is how you can check.
- Try to drag the pop-up to the edge of the browser window. A real pop-up is a separate window and can be moved outside the browser; the fake one is only an element drawn on the web page, so it cannot escape the browser's viewport (it may still be draggable within the page, which is part of the illusion).
- Try to interact with the pop-up's address bar: click into it, edit the URL, or reload it. In a real pop-up the address bar is live; in a fake one it is only a drawing, so the URL cannot be selected or edited, and reloading does not behave like a separate window.
- Check whether you are automatically recognised. If you are already signed in to Google, Facebook, etc. in the same browser, a genuine sign-in pop-up would normally pick up your session (for example by offering an account chooser instead of an empty login form); the fake one cannot see your session and always asks for your email and password.
- Your password manager is another tell: it fills credentials by site origin, so it will not offer your saved Google, Facebook or Apple password on a form that is actually served from the attacker's domain.
Watch the video to see how these checks expose BITB phishing.
Be safe from phishing attacks!