- Mar 13, 2022
- 599
- Content source
- https://apple.news/AGE6ioqABTNywEja6RuAUeQ
Interesting article from iTnews about potential problems for Google, Microsoft and Apple sites.
Phishers have come up with a new technique to trick users by simulating browser windows with the browser itself in order to spoof legitimate domains, which is hard for victims to detect.
A security researcher using the moniker mr.d0x has documented how phishers create bogus pop-up windows for Google, Microsoft and Apple websites which look almost exactly the same as the legitimate ones for authenticating users.
It is difficult for users to work out that they're on fake sites, mr.d0x wrote.
"... once landed on the attacker-owned website, the user will be at ease as they type their credentials away on what appears to be the legitimate website (because the trustworthy URL says so)," mr.d0x wrote.
Phishers devise browser-in-the-browser attacks, 'chameleon' landing pages — iTnews
Next-level trickery menaces users.
apple.news