Download Certificate- Most Promising Partner | ECIO | Most Admired Brand | Most Trusted Company

The BITB attack makes phishing almost undetectable


By MYBRANDBOOK


The BITB attack makes phishing almost undetectable

An unfamiliar phishing technique called browser-in-the-browser (BitB) attack can be exploited to imitate a browser window within the browser in order to trick a legitimate domain, thereby making it possible to stage convincing phishing attacks.

 

In early 2020, a campaign that leveraged the BitB trick to siphon credentials for video game digital distribution service Steam by means of fake Counter-Strike: Global Offensive websites was discovered.

 

According to penetration testers and security researchers, the method takes advantage of third-party single sign-on (SSO) options embedded on websites such as "Sign in with Google" (or Facebook, Apple, or Microsoft).

 

While the default behavior is to be greeted by a pop-up window to complete the authentication process when a user attempts to sign in via these methods, the BitB attack aims to replicate this entire process using a mix of HTML and CSS code to create an entirely fabricated browser window.

 

Potential victims need to be redirected to a phishing domain that can display such a fake authentication window for credential harvesting, while this method significantly makes it easier to mount effective social engineering campaigns.

 

Normally, the measures taken by a user to detect a phishing site include checking to see if the URL is legitimate, whether the website is using HTTPS, and whether there is any kind of homograph in the domain, among others. In this case, everything looks fine as the domain is steamcommunity[.]com, which is legitimate and is using HTTPS. But when it is tried to drag this prompt from the currently used window, it disappears beyond the edge of the window as it is not a legitimate browser pop-up and is created using HTML in the current window.
 BREAKING NEWS  BREAKING NEWS
Elon Musk Merges X with xAI in $33 Billion Stock Deal

Elon Musk Merges X with xAI in $33 Billion Stock Deal...

Elon Musk has made waves once again by merging X (formerly Twitter) with...

India Strengthens Electronics Supply Chain with ₹22,919 Cr Manu

India Strengthens Electronics Supply Chain with ₹22,919 Cr Manu...

The scheme aims to attract an investment of INR 59,350 Cr, resulting in pro...

Govt Drops Import Duty making EV Batteries cheaper

Govt Drops Import Duty making EV Batteries cheaper...

The Centre is taking measures to counter the impact of US President Donald ...

CERT-In’s New Advisory Unveils Hidden Cyber Threats

CERT-In’s New Advisory Unveils Hidden Cyber Threats...

The advisory highlights critical vulnerabilities in AI models, outlines mul...

 TECHNO TRENDS  Placeholder image
Legal Battle Over IT Act Intensifies Amid Musk’s India Plans

Legal Battle Over IT Act Intensifies Amid Musk’s India Plans

The outcome of the legal dispute between X Corp and the Indian government c...

Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth

Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth

The agreement, executed through Wipro and its 100% subsidiary,...

Centre announces that DPDP Rules nearing Finalisation by April

Centre announces that DPDP Rules nearing Finalisation by April

The government seeks to refine the rules for robust data protection, ensuri...

Home Ministry cracks down on PoS agents in digital arrest scam

Home Ministry cracks down on PoS agents in digital arrest scam

Digital arrest scams are a growing cybercrime where victims are coerced or ...

 E-Magazine 
 TECHNOTAINMENT  Placeholder image
For 2nd Time, Kaspersky announced Mumbai Indians’ Official C

For 2nd Time, Kaspersky announced Mumbai Indians’ Official C

Hrithik Roshan to endorse RuPay as Brand Ambassador

Hrithik Roshan to endorse RuPay as Brand Ambassador

RuPay is reportedly planning to feature Bollywood superstar Hrithik Rosha
India Today Group launches – AI Pop Stars

India Today Group launches – AI Pop Stars

Staying true to our industry leadership position in using cutting-edge tech
 MOVERS & SHAKERS  Placeholder image
Cloudflare Promotes Goran Risticevic as VP & MD for APAC

Cloudflare Promotes Goran Risticevic as VP & MD for APAC

TelioLabs ropes in Phaniraj V A as the Group CEO

TelioLabs ropes in Phaniraj V A as the Group CEO

TelioLabs has announced the onboarding of Phaniraj V A as its new Group CE
Wipro Appoints Amit Kumar as Managing Partner and Global Head

Wipro Appoints Amit Kumar as Managing Partner and Global Head

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO), a leading technology s
 OPEN YOUR EYES  Placeholder image

It is time to protect your critical business priorities from attackers

Ragnar Locker Hides in Virtual Machine to Escape from antivirus software
Contact-less Technology to Bring Revolution In This Pandemic Era
India's IT industry has moved nearly two thirds of its 4.36 million workforces to work from home
The disruption in the technology demands to ensure business continuity
 INTERVIEWS  Placeholder image
In India, 88% of Indian business leaders are planning to inves

In India, 88% of Indian business leaders are planning to inves

AMD Pensando driving innovation in the DPU architecture space

AMD Pensando driving innovation in the DPU architecture space

AMD Pensando stands out in the DPU (Data Processing Unit) market with its u
Acer addresses evolving customer needs by consistently pushing

Acer addresses evolving customer needs by consistently pushing

Acer offers a comprehensive range of products under one roof, including des
 HOT PICK  Placeholder image
ASUS ExpertCenter P500 Mini Tower Desktop PC's launched in Ind

ASUS ExpertCenter P500 Mini Tower Desktop PC's launched in Ind

MSI Announces the availability of RTX 50 series of laptops in

MSI Announces the availability of RTX 50 series of laptops in

MSI, the innovative computing manufacturer in gaming, creator
Nothing Phone (3a) goes on sale today, starting at Rs 19,999

Nothing Phone (3a) goes on sale today, starting at Rs 19,999

The phone was launched on March 4, featuring a 50MP main, ultra-wide, and t
 MAKE IN INDIA BRANDS   Placeholder image
STERLITE TECHNOLOGIES LTD.

STERLITE TECHNOLOGIES LTD.


QUICK HEAL TECHNOLOGIES PVT. LTD.

QUICK HEAL TECHNOLOGIES PVT. LTD.


HAVELLS INDIA LTD.

HAVELLS INDIA LTD.


TATA CONSULTANCY SERVICES

TATA CONSULTANCY SERVICES


 EMINENT CIO'S OF INDIA  EMINENT CIO'S OF INDIA

GAINING CUSTOMERS’ TRUST IS ESSENTIAL FOR SMOOTH OMNICHANNEL INTERACTIONS

In the fiscal year 2024-25, our organization has i...

USING AI & BI OFFERINGS TO ADDRESS CLIENT NEEDS

In the fiscal year 2024-25, Assisto Technologies h...

AI TO IMPROVE INSIGHTS THROUGH AUGMENTED ANALYTICS, WHILE EDGE COMPUTING TO ALLOW REAL-TIME PROCESSING

For the fiscal year 2024-25, our organization has ...

 ICONS OF INDIA  Placeholder image

Icons Of India : Anil Kumar Lahoti

Anil Kumar Lahoti, Chairman, Telecom Regulatory Authority of India (TR...

Icons Of India : MUKESH D. AMBANI

Mukesh Dhirubhai Ambani is an Indian businessman and the chairman and ...

Icons Of India : Bhavish Aggarwal

Indian entrepreneur Bhavish Aggarwal is the CEO of Ola, India’s larg...

 PARTNER SPEAKERS  EMINENT CIO'S OF INDIA

A "Make in India" brand dedicated to offer high quality communication products

For any brand to be successful, it is crucial that it understands the market d...

Fostering Positive Relationships and Enhancing Customer Satisfaction

Bloom Electronics’ data-driven insights for strategic brand decision and bra...

Competitively Viable By Ensuring Brand Loyalty & Uniformity

D M Systems always collaborates with top brands and wants to continue the same...

 PSU  Placeholder image

STPI - Software Technology Parks of India 

STPI promotes and facilitates the growth of the IT and ITES industry i...

EESL - Energy Efficiency Services Limited  

EESL is uniquely positioned in India’s energy sector to address ener...

CSC - Common Service Centres 

CSC initiative in India is a strategic cornerstone of the Digital Indi...

 VIDEOS  Placeholder image

 Top 25 Brands  Solution partners

Most Trusted Brands 2024: Apple India Pvt. Ltd.

five decades after its founding, Apple has redefined modern computing, emphasi...

Most Trusted Brands 2024 : ACCENTURE PLC

Accenture is renowned for its commitment to technological innovation. It inves...

Most Trusted Brands 2024 : Oracle Corporation 

Oracle focuses on secure enterprise software, and cloud solutions to build str...

 Global Indian industry   Value-Added Distribution

Indian Tech Talent Excelling The Tech World - Shantanu Narayen, CEO- Adobe Systems Incorporated

Shantanu Narayen, CEO of Adobe Systems Incorporated, is renowned for h...

Indian Tech Talent Excelling The Tech World - ARVIND KRISHNA, CEO – IBM

Arvind Krishna, an Indian-American business executive, serves as the C...

Indian Tech Talent Excelling The Tech World - Anirudh Devgan , President, Cadence Design

Anirudh Devgan, the Global President and CEO of Cadence Design Systems...

 ITFORUM 2025  
 STARNITE AWARDS 2024  
   
 CMO of the Year   Placeholder image
 WOMEN LEADERSHIP  Placeholder image
 IMAGE GALLERY   Placeholder image
 TRENDS IN TECHNOLOGY  Placeholder image
MORE VIDEOS  Placeholder image
Brand Book
Brand Book
Brand Book
Brand Book
 ADVERTISEMENTS  Placeholder image
Brandbook Brandbook
 TECHNOLOGY DISRUPTION Placeholder image

Apollo Hospitals partners with Google Cloud to boost India’s healthcare ecosystem

Apollo Hospitals partners with Google Cloud to boost India’s healthcare ecosystem

The Indian retail sector is expected to reach ~$2 Tn by 2032

The Indian retail sector is expected to reach ~$2 Tn by 2032

Tredence Raises $175 Mn in Series B Funding from Advent International

Tredence Raises $175 Mn in Series B Funding from Advent International

Tech Mahindra announces generative AI powered Ops amplifAIer for IT support engineers

Tech Mahindra announces generative AI powered Ops amplifAIer for IT support engineers

 UNICORNS REVOLUTIONISING Placeholder image

Flipkart Private Limited

Flipkart Private Limited

EaseMyTrip Limited

EaseMyTrip Limited

Mensa Brands Technologies Private Limited

Mensa Brands Technologies Private Limited

LeadSquared

LeadSquared


Copyright www.mybrandbook.co.in @1999-2025 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org
of images belongs to the respective copyright holders
ADMIRED BRANDS

AFTER MARKET SERVICES

CATEGORIES

DISTRIBUTORS & VADs
GOVERNMENT BODIES

INDUSTRY BODIES

MAKE IN INDIA

EXPLORE THE NEW BRAND BOOK
CONTACT US

SUBSCRIBE NOW