{"id":88764,"date":"2022-10-06T11:36:57","date_gmt":"2022-10-06T11:36:57","guid":{"rendered":"https:\/\/harchi90.com\/new-phishing-method-looks-just-like-the-real-thing\/"},"modified":"2022-10-06T11:36:57","modified_gmt":"2022-10-06T11:36:57","slug":"new-phishing-method-looks-just-like-the-real-thing","status":"publish","type":"post","link":"https:\/\/harchi90.com\/new-phishing-method-looks-just-like-the-real-thing\/","title":{"rendered":"New phishing method looks just like the real thing"},"content":{"rendered":"
\n

Thanks to a new phishing method, hackers could steal all sorts of personal information by simply mimicking real login forms in Application Mode. This is a feature that’s available in all Chromium-based browsers, which includes Google Chrome, Microsoft Edge, and Brave.<\/p>\n

Using Application Mode allows threat actors to spread highly believable-looking local login forms that look like desktop applications. In reality, all inputs are sent to a malicious attacker.<\/p>\n

mr.d0x<\/span><\/figcaption><\/figure>\n

In Google Chrome, Application Mode lets web devs create apps that resemble native applications. A few things happen when you launch Application Mode. For starters, the toolbars and the address bar both disappear. The website is launched in a separate window, and on your taskbar, you’ll see the website’s favicon (the icon you normally see next to the website’s name in your browser tab) instead of the Chrome logo.<\/p>\n

With all of these things out of the equation, it’s fairly easy to create a clone of a familiar login form and try to trick users into typing their login credentials. many users are less wary of desktop apps than websites, because once installed, they are assumed to be safe; on the other hand, there’s always some degree of hesitation when visiting a strange website. Removing the URL largely deals with the easiest way to spot a scam from the real thing.<\/p>\n

This hack could potentially be very dangerous simply because of how easy it might be to get fooled by it. On the other hand, actually pulling it off requires the victim to have Chromium app mode enabled and launched locally on their device. This means that the hacker would first have to gain some sort of control over the computer before following up with this phishing method, be it through malware or through guiding the user to enable it and run a Windows shortcut with the phishing URL.<\/p>\n

Windows 10 and 11 both come with Microsoft Edge pre-installed. This makes it easier to distribute Windows shortcut files that launch Microsoft Edge, and from there, it’s smooth sailing for the hacker if the victim falls for the fake form.<\/p>\n

\"Google
Caio\/Pexels<\/span><\/figcaption><\/figure>\n

This phishing method was first described by mr.d0x and later reported on by Bleeping Computer. While it could be dangerous if users were to fall for it, the prerequisite of first obtaining some sort of access to the victim’s computer should largely keep you safe.<\/p>\n

As always, remember not to visit websites that you don’t fully trust, load up some trustworthy antivirus software for good measure, and do not enable Application Mode in your browser unless you have a very good reason to do so.<\/p>\n

\n

\t\tEditors’ Recommendations\t<\/h4>\n

\t\t\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t<\/span><\/p>\n

\t\t\t\t\t
\n\t\t\t\t<\/span><\/p>\n

\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t<\/span>
\n\t\t\t\t\t\t<\/span><\/div>\n","protected":false},"excerpt":{"rendered":"

Thanks to a new phishing method, hackers could steal all sorts of personal information by simply mimicking real login forms in Application Mode. This is a feature that’s available in all Chromium-based browsers, which includes Google Chrome, Microsoft Edge, and Brave. Using Application Mode allows threat actors to spread highly believable-looking local login forms that …<\/p>\n

New phishing method looks just like the real thing<\/span> Read More »<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[4],"tags":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":53863,"url":"https:\/\/harchi90.com\/samsung-internet-19-0-beta-finally-brings-chrome-bookmark-syncing\/","url_meta":{"origin":88764,"position":0},"title":"Samsung Internet 19.0 beta finally brings Chrome bookmark syncing","date":"August 23, 2022","format":false,"excerpt":"Last updated: August 23rd, 2022 at 13:24 UTC+02:00 Samsung's proprietary mobile internet browser is getting a new beta update, and it's a pretty big one! With Samsung Internet 19.0 beta, the company is finally addressing one of the browser's main weaknesses and is adding new options for syncing bookmarks from\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.sammobile.com\/wp-content\/uploads\/2022\/08\/SamsungInternet19.0_main5F-720x480.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":13289,"url":"https:\/\/harchi90.com\/microsoft-warns-of-large-scale-aitm-phishing-attacks-against-over-10000-organizations\/","url_meta":{"origin":88764,"position":1},"title":"Microsoft Warns of Large-Scale AiTM Phishing Attacks Against Over 10,000 Organizations","date":"July 13, 2022","format":false,"excerpt":"Microsoft on Tuesday disclosed that a large-scale phishing campaign targeted over 10,000 organizations since September 2021 by hijacking Office 365's authentication process even on accounts secured with multi-factor authentication (MFA). \"The attackers then used the stolen credentials and session cookies to access affected users' mailboxes and perform follow-on business email\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":55667,"url":"https:\/\/harchi90.com\/researchers-warn-of-aitm-attack-targeting-google-g-suite-enterprise-users\/","url_meta":{"origin":88764,"position":2},"title":"Researchers Warn of AiTM Attack Targeting Google G-Suite Enterprise Users","date":"August 25, 2022","format":false,"excerpt":"The threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign targeting enterprise users of Microsoft email services have also set their sights on Google Workspace users. \"This campaign specifically targeted chief executives and other senior members of various organizations which use [Google Workspace],\" Zscaler researchers Sudeep Singh and Jagadeeswar Ramanukolonu\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEgvfqow2z1XORevUpzKGWWXZ2DP4dMaNi-7cycpa3J_bSZKv0tO6MP40HLl7lvVJDIswOmb6I-YoNMLJym4v9oLZQczujsMqcttB3M_Cvm6E-zLs0XrpwaTZ_SGFjckDfi3CPfijZaii8Z88_btcKeHKKfxm7cDyF3kaVvsirGpb2JWVH0Ot3xGiC2sZg\/s1600\/strike-728.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":34781,"url":"https:\/\/harchi90.com\/north-korea-backed-hackers-have-a-clever-way-to-read-your-gmail\/","url_meta":{"origin":88764,"position":3},"title":"North Korea-backed hackers have a clever way to read your Gmail","date":"August 4, 2022","format":false,"excerpt":"Getty Images Researchers have unearthed never-before-seen malware that hackers from North Korea have been using to surreptitiously read and download email and attachments from infected users' Gmail and AOL accounts. The malware, dubbed SHARPEXT by researchers from security firm Volexity, uses clever means to install a browser extension for the\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/08\/restore-settings-chrome-640x425.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":76080,"url":"https:\/\/harchi90.com\/how-3-hours-of-inaction-from-amazon-cost-cryptocurrency-holders-235000\/","url_meta":{"origin":88764,"position":4},"title":"How 3 hours of inaction from Amazon cost cryptocurrency holders $235,000","date":"September 23, 2022","format":false,"excerpt":"Amazon recently lost control of IP addresses it uses to host cloud services and took more than three hours to regain control, a lapse that allowed hackers to steal $235,000 in cryptocurrency from users of one of the affected customers, an analysis shows. The hackers seized control of roughly 256\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/09\/celer-bridge-losses.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":12736,"url":"https:\/\/harchi90.com\/ongoing-phishing-campaign-can-hack-you-even-when-youre-protected-with-mfa\/","url_meta":{"origin":88764,"position":5},"title":"Ongoing phishing campaign can hack you even when you’re protected with MFA","date":"July 13, 2022","format":false,"excerpt":"Getty Images On Tuesday, Microsoft detailed an ongoing large-scale phishing campaign that can hijack user accounts when they're protected with multi-factor authentication measures designed to prevent such takeovers. The threat actors behind the operation, who have targeted 10,000 organizations since September, have used their covert access to victim email accounts\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"The phishing website intercepting the authentication process.","src":"https:\/\/i0.wp.com\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/07\/cookie-interception-640x345.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"fifu_image_url":"https:\/\/www.digitaltrends.com\/wp-content\/uploads\/2021\/08\/google-chrome-laptop-lifestyle.jpg?p=1","_links":{"self":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/88764"}],"collection":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/comments?post=88764"}],"version-history":[{"count":0,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/88764\/revisions"}],"wp:attachment":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/media?parent=88764"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/categories?post=88764"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/tags?post=88764"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}