Google Chrome’s mobile browser confronts novel form of phishing

One fresh and astonishingly very easy phishing technique is responsible for manipulating the mobile browser of Google Chrome by taking the guise of victims' certain highly reliable websites. Well-known software creator James Fisher recently discovered one rather uncomplicated exploit inside the mobile browser which misuses the way the application exhibits the Chrome mobile browser's address bar. Anyone navigating downwards by scrolling the web-page would come across one false address bar which wouldn't go away till the person visits another website. Sometimes the perpetrator may even create one web-page covering the screen having the actual address bar.

Fisher has used "inception bar" as the scam's name which attacks users of Android mobile working with Chrome. It deals with one phony address bar which exhibits an authentic website URL. Not only that there as well appears one SSL badge that authenticates the website's genuineness implying it's safe to visit that site.

Fisher further states that by adding a few more codes the scam can become more refined via incorporating interactivity into the phony address bar. It's possible for the web-page to determine the browser name it is in followed with disguising certain inception bar pertaining to the particular browser. Further on it's possible to make the phony bar interactive. Suppose the existing web-page can't dupe the user, another attempt can be made when he types 'gmail.com' inside the phony address bar, explains Fisher. www.dailymail.co.uk posted this, April 29, 2019.

Phishers carrying put the scam place the phony bar on upper portion of PC-screen the normal place an address bar appears. In usual practice browsers once again exhibit their address bar while scrolling up, however, if the web-page has one scroll lock then the repeat exhibit of the address bar doesn't occur. Consequently, the phony bar prevents visitors from leaving the page.

A number of Web-browsers for mobile devices conceal their address bar during scrolling so that the running page's content can be expanded. This is because mobile phones have small space so it's sensible utilizing address space also. Consequently, the most real recognizing indicator for that page is nullified, while the latest phishing technique easily comes into play.

» SPAMfighter News - 5/6/2019