A Chrome Extension to detect Browser-in-the-Browser Phishing Attacks

Michele Galati

A Chrome Extension to detect Browser-in-the-Browser Phishing Attacks.

Supervisors: Cataldo Basile, Davide Pozza. Politecnico di Torino, Master's degree programme in Ingegneria Informatica (Computer Engineering), 2024

Abstract:

In the evolving landscape of cybersecurity threats, phishing attacks remain a prevalent and dangerous method for compromising sensitive information. This thesis investigates the Browser-in-the-Browser (BitB) attack, a sophisticated phishing technique designed to deceive users by mimicking legitimate browser windows within their actual browser. Unlike traditional phishing methods, which rely on fake websites or email scams, BitB attacks create highly convincing, simulated browser windows that appear authentic to the user. The BitB attack works by embedding a fake browser window within a legitimate one, often as a pop-up or new tab. This fake window is crafted to look identical to a real browser window, complete with realistic URL bars, SSL certificate indicators, and other interface elements. As a result, users are tricked into entering their login credentials or other sensitive information, believing they are interacting with a genuine website. This thesis provides a comprehensive analysis of the mechanics of BitB attacks and proposes an innovative solution to detect such attacks. Through a combination of theoretical examination and practical case studies, a detection algorithm utilizing static and dynamic analysis, as well as visual inspection of the webpage, has been designed. The solution has been implemented as a Chrome extension capable of detecting BitB attacks on web pages as soon as a user interacts with the page. This extension performs all analyses directly within the user's browser in real time. The capability of the solution has been experimentally validated through tests on a set of case studies and various websites.

Supervisors: Cataldo Basile, Davide Pozza
Academic year: 2023/24
Publication type: Electronic
Number of pages: 80
Additional information: Restricted thesis. Full text not available
Subjects:
Degree programme: Master's degree programme in Ingegneria Informatica (Computer Engineering)
Degree class: New system > Master's degree > LM-32 - COMPUTER ENGINEERING
Collaborating companies: ERMES CYBER SECURITY SRL
URI: http://webthesis.biblio.polito.it/id/eprint/31757