Geeks for your information News Privacy & Security News v
New mobile Phishing Method using fake address bar and scroll locking
New mobile Phishing Method using fake address bar and scroll locking
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 14,441
Threads: 9,518
Thanks Received: 9,035 in 7,185 posts
Thanks Given: 9,810
Joined: 12 September 18
#1
Exclamation  02 May 19, 16:11 (This post was last modified: 02 May 19, 16:11 by harlan4096.)
Quote:
[Image: chrome-phishing.png]

Phishing, the attempt to steal important data such as login information, passwords, or credit card numbers from unsuspecting users, is still a major threat on today's Internet. Microsoft's Security Intelligence report saw phishing emails increase by 250% in 2018 alone.

Most web browsers come with certain defenses, usually in form of blacklists and other defensive measures to detect phishing attacks.

One problem with the approach is that it addresses known phishing sites for the most part. The Inception Bar is a new phishing method designed specifically for mobile.

Many mobile web browsers hide the address bar when a user starts to scroll to expand the content of the active webpage. Since space is a premium on mobile, it makes sense to use the address space for that. Doing so removes the strongest identifying indicator for that webpage, and it also makes way for the new phishing method.

Basically, what the phishing method does is put a fake copy of the address bar at the top of the screen in the fixed location the address bar is found in usually. Browsers would normally display the address bar again when users scroll up but the implementation of a scroll lock on the page prevents that from happening.

The effect is that the fake address bar -- that looks similar to the real one -- is shown to users and that it becomes difficult to exit the page. Even worse, since it is fake, it is possible to make it display any site URL. A dedicated web developer could create a full copy of Chrome's address bar and not just a lookalike.

You can see it in action on James Fisher's website. Note that you will experience this method first hand if you use the mobile version of Chrome to access the site; on desktop, you may watch the animated GIF to see how it works when you connect using mobile devices.

Fisher's method works in Chrome for mobile; he notes that one could check for the user agent to display similar fake address bars for other mobile web browsers.

I accessed the site on Chrome Stable and Chrome Canary for Android. The replacement worked in Canary but it did not in Chrome Stable. Whether that is caused by a setting in the browser or something else is unclear.

You can get out of it by activating any link on the site if you are stuck in mobile Chrome. 
Continue Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • silversurfer
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
K-Lite Codec Pack 18.8.5 / 18.8.9 Update
Changes in 18.8.9 ...harlan4096 — 07:13
Ubuntu 24.04.2 LTS / 25.04
Ubuntu 24.04.2 LTS...harlan4096 — 07:12
Microsoft Edge 135.0.3179.85
Version 135.0.3179...harlan4096 — 07:10
AnyDesk 7.0.0 for Linux
AnyDesk 7.0.0 for ...harlan4096 — 07:08
Intel releases AI Playground software fo...
Intel is open sour...harlan4096 — 07:07

[-]
Birthdays
Today's Birthdays
avatar (48)oapedDow
avatar (41)Sanchowogy
Upcoming Birthdays
avatar (44)wapedDow
avatar (43)techlignub
avatar (42)Stevenmam
avatar (49)onlinbah
avatar (50)steakelask
avatar (44)Termoplenka
avatar (42)bycoPaist
avatar (48)pieloKat
avatar (42)ilyagNeexy
avatar (50)donitascene
avatar (50)Toligo
avatar (37)RobertUtelt

[-]
Online Staff
There are no staff members currently online.

>