Detecting these phishing lures isn’t easy and proves that you can’t be too careful when asked for your account credentials.
A man-in-the-middle (MITM) attack involves three parties: a victim, a website the victim wants to reach (such as a bank), and the attacker. The attacker inserts themselves between the victim and the targeted website in order to steal personal information such as login credentials, or bank account and credit card numbers. MITMs have consistently been an active area of development for hackers.
One MITM variation is known as man-in-the-browser (MITB), where some malware infects your device and displays a phishing copy of your intended website in your browser to trick you into entering your account information.
Image credit: mr.d0x
The only real way to be sure is to move the pop-up window around: if information from the window disappears off the main browser screen, or the window can’t be moved at all, then it is a fake popup that is trying too hard. This kind of fakery isn’t exactly new: another security researcher published something similar three years ago in what he called “the inception bar” attack. This phishing lure counts on users scrolling down the fake popup, which then hides the URL bar; that is the moment when the attacker substitutes a fake URL bar to gain a user’s trust.
There is yet another variation on this middleman theme: a series of phishing attacks targeting Counter-Strike: Global Offensive gamers. The goal here is to steal someone’s Steam credentials, which can then be used to launch other attacks or steal digital assets assigned to the user’s account. Here, the phishing lure is based on constructing a fake chatbox. Again, as with the browser-in-the-browser exploit, you can quickly figure out that it's fake when you try to move the window around, showing that it isn’t a legit popup, but rather an HTML construction that falls outside the main browser window.
Image credit: Zscaler
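The drag test works because a real popup's address bar is browser chrome, outside the page's DOM, while the fake popup and fake chatbox described above are HTML drawn inside the page. As an added example (not from the article or the researchers it credits), this heuristic flags floating page elements that display another site's URL next to a password field or iframe; the node shape, function names and sample hosts are assumptions made for illustration.

```javascript
// Added example. Nodes are plain objects standing in for DOM elements:
// { id, tag, type, text, style, children }. That shape is an assumption.

// Visible text that reads like an address-bar URL; capture group 2 is the host.
const URL_TEXT = /^\s*(https?:\/\/)?([a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,})(\/\S*)?\s*$/i;

function* walk(node) {
  yield node;
  for (const child of node.children || []) yield* walk(child);
}

// Host a leaf node displays as text, or null when its text is not URL-like.
function displayedHost(node) {
  if ((node.children || []).length > 0) return null;
  const m = URL_TEXT.exec(node.text || "");
  return m ? m[2].toLowerCase() : null;
}

// True when the subtree can collect or frame a login: a password field or an iframe.
function hasCredentialSink(node) {
  for (const n of walk(node)) {
    if (n.tag === "iframe" || (n.tag === "input" && n.type === "password")) return true;
  }
  return false;
}

// Flag floating page elements that draw another site's URL next to a credential sink.
function findFakeWindows(root, pageHost) {
  const hits = [];
  for (const n of walk(root)) {
    const pos = (n.style || {}).position;
    if (pos !== "fixed" && pos !== "absolute") continue; // only floating layers
    if (!hasCredentialSink(n)) continue;
    for (const leaf of walk(n)) {
      const host = displayedHost(leaf);
      if (host && host !== pageHost.toLowerCase()) hits.push({ id: n.id, shownHost: host });
    }
  }
  return hits;
}

// Constructed sample page: a fixed-position "window" with a drawn title bar and URL.
const samplePage = { tag: "body", children: [
  { tag: "h1", text: "Join the tournament" },
  { id: "popup", tag: "div", style: { position: "fixed" }, children: [
    { tag: "span", text: "Sign in - Steam" },
    { tag: "span", text: "https://steamcommunity.com/openid/login" },
    { tag: "input", type: "password" } ] } ] };

console.log(findFakeWindows(samplePage, "tournament.example"));
```

This is a heuristic and will miss lures that render the fake URL as an image; it complements the manual drag test rather than replacing it.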
Detecting these phishing lures isn’t easy and just proves that you can’t be too careful when asked for your account credentials. One way to try to stop these middleman attacks is to use a more secure browser that will block unknown popups, such as Avast Secure Browser.
Avast Director of Platform Engineering Thomas Salomon says, "Even in the midst of these types of threats, users of Avast Secure Browser can still feel safe. The industry leading anti-phishing solution in Avast Secure Browser ensures that the vast majority of phishing attacks will be prevented. Nevertheless, Avast is constantly working on improved security solutions which help prevent such phishing attacks generically."