How can we help?
A new phishing kit has been published to GitHub which makes it easier to spoof login pages.
The Browser in Browser technique uses HTML and CSS to create a fake URL bar which can trick even careful users.
Phishing sites using this template can create SSO pop-up windows which appear to be legitimate.
The phishing kit has templates for Chrome on Windows and MacOS.
The technique itself could be used in other browsers.
Containment, Mitigations & Remediations
The victim would need to navigate to a malicious phishing site for the pop-up to display.
The usual anti-phishing protections which prevent users from accessing malicious sites are still effective.
Indicators of Compromise
SVG files contained in the phish kit:
Phishing is the most common type of cyber-attack and criminals are constantly looking for ways to improve the successfulness of their attacks. This technique does that, while its incorporation into a toolkit places this mechanism of attack easily into the capability and realms of novices.
T1566.002 – Phishing: Spearphishing Link