How to Prevent Dangerous Browser Hijacking
How to Detect BiTB Attacks
A new Browser-in-the-Browser phishing scam has been wreaking havoc on individuals that use the Steam digital gaming platform. However, previously, this attack was mostly done on Google Chrome and Microsoft Edge, the most hijacked web browsers.
Cyber analysts have warned that hackers from the dark web have been actively utilizing the Browser-in-Browser scam. With this latest phishing attack, unwary visitors are lured through skillfully designed login windows that is a phony pop-up page of a real website.
Thinking that they are on the actual website page, cyber researchers have noticed extreme challenges faced by individuals. Many have fallen victims of some of the most uniquely crafted phishing scams. The fact that most victims are unable to recognize a Browser-in-the-Browser attack has also become a major problem.
Prompt for 2FA Credentials
One of the most devastating problems is that visitors are unable to notice that they are lured to a phony website, which is a fake layer created over the theme page of the original website. The victims will naturally think they are viewing the authentic browser window. In addition, the false landing pages also support 27 different languages that make the fake webpage, with Geo-location targeting, appears to be even more authentic.
Another distinctive characteristic of the Browser-in-the-Browser attack is that victims always unwittingly provide their 2FA code to the criminal hackers. And while it may be difficult to spot the scam, even if the victim becomes aware of the breach, their login information has already been stolen by the threat actors.
Now, criminals can easily take control of the victim’s account and modify the password of their email addresses, making it impossible to regain control of the breached accounts.
Spot Browser-in-the-Browser Attacks
Knowing how to spot these prevalent phishing scams is the best defense against being a victim of a browser hijacking scam. Hackers’ phishing windows are usually just an overlay of the real browser window.
Furthermore, identifying a phony web page poses a mirage of challenges. However, it must be noted that the Browser-in-the-Browser method needs JavaScript, for it to properly function. So, one option is to actively block JS scripts from running, to prevent a bogus login page from appearing.
But that would create a huge problem blocking JavaScript from running, as most individuals would be unable to access some popular websites. Therefore, to know if a popup window is authentic; it’s best to try to move it past the primary browser window. You can do this, by dragging the popup window to the browser’s edge.
A fake webpage used in a Browser-in-the-Browser (BiTB) attack, when dragged, will cross the browser borders of the authentic website.
Don’t Click Strange Links
You could also ungroup apps in the Windows 10 taskbar, you must note if a new window appears in the taskbar. It is a fake window if a new taskbar window doesn’t appear. Notably, ungrouping is currently not supported by Windows 11.
A fake BiTB browser window will shut down if you try to minimize it. So, you could try to resize the window, if you are unable to; it’s a fake browser window launched by deceitful hackers.
Above all, you should exercise caution when clicking on links from questionable sources. You must avoid clicking on strange links offered in direct messages on popular video game platforms like Steam, Discord, and other popular gaming websites.
