In doing so, the hacker will obtain the victim’s credentials and take over his account. Quite dangerous! This phishing method was developed by a security researcher nicknamed Mr. oxidase. He calls it a browser-in-browser . Phishing attack (BITB) because his phishing attempt . Sttempts to trick users into displaying a browser window. So, how can we avoid this threat? Avoid in-browser attacks First, to avoid this attack, we need to identify normal and abnormal browser behavior. Examples are as follows. How to spot phishing: mobile pop-ups As shown above, the original browser window will be able to be moved out of the main browser. However, the browser window displayed by the BITB attack does not.
Phishing results window cannot
Be moved out of browser It can be seen that the original browser window cannot be removed. In fact, there will be some obvious oddities. For example, the title bar on the window will be cut off. Use a password manager to avoid phishing However, what happens when we open the window displayed by the BITB attack? Fake login window Even if the URL of the displayed window is www.dicoding.com (to deceive the user), the password manager will recognize that this is not a Dicoding ws database website. Therefore, it does not display valid credentials. Safe digital life Typically phishing exploits things that are urgent (such as the opportunity for a COVID-19 vaccine, a bank account that needs to be updated due to problems) and things that are currently popular.
But the good thing is that we
are not in a rush when it comes to taking any action in the digital world. This haste is one of the keys to hackers’ success in acquiring new phishing victims. o trick users into displaying a browser window. So, how can we avoid this threat? Avoid in- happens when we open the window displayed by the BITB attack? Fake login window Even if the URL of the Canada Email Lead displayebrowser attacks First, to avoid this attack, we need to identify normal and abnormal browser behavior. Examples are as follows. Therefore, friends, it is best to continue to learn new techniques to protect yourself and your family from phishing so that our activities in the digital world remain safe.