If i ask you, Which one is real?(1 or 2).
I sure you are shocking by second picture, How this guy able to develop this phishing technique.
Demo:
https://mrd0x.com/demo-c2b899d2175d71fb45e3f86a8ba80644.gif
As he mentioned the technique is simple but effective.
Let us figure out how it works.!!
I used Mr.d0x template on GitHub for finding out how he able to create pop-up window for legitimate URL, forward us to phishing page.
Just guess, what i found. The windows is divide to 3 parts (Title bar, URL bar, Iframe).
Title-bar and URL-bar created by style.css file, Even SSL lock is picture.
Final part is iframe. It is contain malicious or phishing URL, that maybe the attacker used to stole your credential.
# How can we protect our self from this technique?
- Check if there any URL does not belongs to main URL or authentication URL.
- Try to drag it OUTSIDE OF the content area of the page first.
References: