
Browser In The Browser Phishing Attack With Example

We recently researched a new type of phishing technique that targets a wide range of user accounts all over the world and gives the attacker instant access to the victim's account. According to recent phishing attack reports, 37%+ of the accounts targeted by hackers are targeted through phishing.


What Is a Phishing Attack

Phishing is a type of cyber attack in which an attacker attempts to trick a victim into providing sensitive information, such as login credentials or financial information, through a fake or malicious website. Phishing attacks are often carried out by sending emails that appear to be from a legitimate source, such as a financial institution or a trusted online retailer. The email will typically contain a link to a website that looks genuine but is actually controlled by the attacker. When the victim enters their sensitive information on the fake website, the attacker can then use it to gain access to their accounts or commit fraud.

     


How To Spot Phishing Sites or Links

You can easily spot a phishing website or a phishing webpage link and prevent yourself from being hacked by keeping the following points in mind:

  • Always check the website link shown in the URL box or bar in the browser.
  • Don’t log in to third-party websites with your Google, Facebook, Instagram, etc. account.
  • Always enable two-factor authentication.


What Is Browser In The Browser Phishing Attack (BITB Attack)

Basically, it’s an advanced version of a normal phishing attack in which the attacker creates a browser window inside the browser that loads a fake phishing login or credentials input page. The main difference between a normal phishing attack and BITB is that the BITB attack loads a browser window inside the browser that displays a domain that looks like the original website's domain, as shown in the image given below.

                                                    


As you can see in the above example image, in the BITB attack a phishing site is loaded in a new popup browser window inside the browser. It appears to show the original URL, but it is actually a fake element.

How To Perform BITB Attack Using Kali

To perform a Browser in the Browser phishing attack on localhost in Kali, you can use the BITB Framework with the following commands:
git clone https://github.com/surya-dev-singh/BITB-framwork
cd BITB-framwork
python3 bitb.py
Now you can see the interface of the BITB Framework in your terminal.

Note: You have to set up port forwarding to expose your localhost outside the LAN; otherwise the generated link works only in your own PC's browser.

How To Spot A BITB Phishing Site

You can easily spot a phishing website and prevent yourself from being hacked by keeping the following points in mind:

  • Phishing site browser windows cannot be moved outside of the main browser window.
  • Always check the website link shown in the URL box or bar in the browser.
  • Don’t log in to third-party websites with your Google, Facebook, Instagram, etc. account.
  • Always enable two-factor authentication.
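
Because the BITB "address bar" is only an element drawn by the page, a defender can look for it in the page content. The following is an added example, not code from this article or from the BITB Framework: a triage heuristic that flags a container holding both a displayed hostname different from the page's real host and an iframe or password field. The function names, the node shape and the sample hosts are assumptions made for the example.

```javascript
// Added example: heuristic check for a browser window drawn inside a page.
// Assumption: nodes expose tagName, children, textContent and (for inputs)
// type/value, as DOM elements do, so document.body can be passed in a browser.
const URL_LIKE = /^(?:https?:\/\/)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?:[/:?#]\S*)?$/i;

// Hostname displayed by a leaf node (text or input value), or null.
function shownHost(node) {
  if (node.children.length > 0) return null;
  const m = URL_LIKE.exec(String(node.value || node.textContent || "").trim());
  return m ? m[1].toLowerCase() : null;
}

// An iframe or a password field: where the credential form would live.
function isLoginSurface(node) {
  const tag = node.tagName.toUpperCase();
  return tag === "IFRAME" || (tag === "INPUT" && node.type === "password");
}

// Report the innermost containers holding both a hostname other than the
// page's own (drawn as content) and a login surface.
function findFakeWindows(root, pageHost) {
  const findings = [];
  const walk = (node) => {
    const own = shownHost(node);
    let hosts = own && own !== pageHost.toLowerCase() ? [own] : [];
    let login = isLoginSurface(node);
    for (const child of node.children) {
      const sub = walk(child);
      hosts = hosts.concat(sub.hosts);
      login = login || sub.login;
    }
    if (hosts.length === 0 || !login) return { hosts, login };
    findings.push({ container: node.id || node.tagName, shownHosts: hosts });
    return { hosts: [], login: false };
  };
  walk(root);
  return findings;
}

// Constructed sample tree (not taken from any real site).
const el = (tagName, props = {}, children = []) => ({ tagName, textContent: "", ...props, children });
const samplePage = el("BODY", {}, [
  el("H1", { textContent: "Sign in to continue" }),
  el("DIV", { id: "popup-window" }, [
    el("DIV", { id: "title-bar" }, [
      el("SPAN", { textContent: "https://accounts.example.com/signin" })]),
    el("IFRAME", { src: "/login.html" })]),
]);
console.log(findFakeWindows(samplePage, "login-portal.example.net"));
```

A match is a reason to inspect the page, not proof of phishing: legitimate pages can also show another site's address near a login form.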
