
BitB phishing tactic increasingly used to compromise Facebook credentials


More threat actors have been exploiting the Browser-in-the-Browser attack technique to pilfer Facebook account credentials in phishing intrusions during the last six months, according to BleepingComputer.

Attacks commence with the distribution of illicit emails purporting to be copyright infringement warnings from law firms. The emails include shortened URLs and lead to counterfeit Meta CAPTCHA pages, which trigger a bogus pop-up window seeking Facebook credentials, reported Trellix researchers. Several other Netlify- and Vercel-hosted phishing pages masquerade as Meta's Privacy Center portal and divert targets to appeal forms that require input of personal details.

"Most critically, the emergence of the Browser-in-the-Browser (BitB) technique represents a major escalation. By creating a custom-built, fake login pop-up window within the victim's browser, this method capitalizes on user familiarity with authentication flows, making credential theft nearly impossible to detect visually," said the report, which recommended the activation of two-factor authentication and verification of account-related security alerts to avert potential BitB compromise.
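A defender-side triage script built around the campaign's visible indicators (shortened links, Meta-themed pages on free static hosting, brand keywords on off-brand hosts) is an added example here, not code from Trellix or BleepingComputer. The email body is constructed, and the shortener list, hosting suffixes, keyword list and scoring weights are assumptions chosen for illustration; a production version would also expand shortened links in a sandbox and use a proper public-suffix list.

```python
"""Rank URLs found in an inbound email by phishing suspicion.

Added example, not part of the original article. Domain lists and scores
are assumptions for illustration, not values from the Trellix report.
"""
import re
from urllib.parse import urlparse

# Matches http(s) URLs up to whitespace or common delimiters.
URL_RE = re.compile(r'https?://[^\s<>"\')]+', re.IGNORECASE)

# Brand domains treated as legitimate (assumption for this example).
LEGIT_BRAND_DOMAINS = {"facebook.com", "meta.com", "fb.com", "instagram.com"}
# Public URL shorteners that hide the final landing page (assumed list).
SHORTENERS = {"bit.ly", "t.co", "tinyurl.com", "is.gd", "cutt.ly", "rb.gy"}
# Free static-hosting platforms named in the report; from the brand's point
# of view any site under these suffixes is third-party controlled.
FREE_HOSTING_SUFFIXES = (".netlify.app", ".vercel.app")
# Lure vocabulary seen in the campaign; suspicious on a non-brand host.
BRAND_KEYWORDS = ("facebook", "meta", "privacy", "appeal", "copyright", "captcha")


def registrable(host: str) -> str:
    """Crude 'last two labels' approximation of the registrable domain.

    Good enough for the example; real code should use a public-suffix list.
    """
    parts = host.lower().strip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def score_url(url: str):
    """Return (score, reasons) for a single URL; 0 means nothing suspicious."""
    parsed = urlparse(url)
    host = parsed.hostname or ""
    base = registrable(host)
    if base in LEGIT_BRAND_DOMAINS:
        return 0, ["brand domain"]

    score, reasons = 0, []
    if base in SHORTENERS:
        score += 3
        reasons.append("url shortener hides destination")
    if host.endswith(FREE_HOSTING_SUFFIXES):
        score += 3
        reasons.append("free static hosting")
    # Brand words in the host or path of a host that is NOT the brand's own
    # domain, e.g. www.facebook.com.some-other-site.example or /appeal paths.
    hits = [k for k in BRAND_KEYWORDS if k in (host + parsed.path).lower()]
    if hits:
        score += 2 * len(hits)
        reasons.append("brand keywords on off-brand host: " + ", ".join(hits))
    return score, reasons


def triage_email(body: str):
    """Extract every URL from an email body and rank them, most suspicious first."""
    results = []
    for url in dict.fromkeys(URL_RE.findall(body)):  # de-duplicate, keep order
        score, reasons = score_url(url)
        results.append({"url": url, "score": score, "reasons": reasons})
    return sorted(results, key=lambda r: r["score"], reverse=True)


# Constructed sample lure modelled on the copyright-notice pretext.
SAMPLE_EMAIL = """\
Dear Page Owner,
Our firm represents a client whose copyrighted material appears on your page.
Review the notice here: https://bit.ly/3abcDEF
Or submit an appeal: https://meta-privacy-center.netlify.app/appeal
Official help centre: https://www.facebook.com/help
"""

if __name__ == "__main__":
    for row in triage_email(SAMPLE_EMAIL):
        print(f"{row['score']:2d}  {row['url']}  {'; '.join(row['reasons'])}")
```

The scoring is deliberately additive so that a single weak signal (one shortened link) lands in a "review" bucket while the stacked indicators of the campaign (free hosting plus three lure keywords) rise well above it; the genuine facebook.com help link scores zero because the registrable-domain check runs before any keyword matching.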
