From thehackernews.com
![Advanced Phishing Attacks](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEj3-KQ8w7ei_n-LAkeCEFswG7Woixxv4soLns0au6Hzm7B78vQZF-OMHycmeHbqkDUwmwVPRAU4iQCxjWBU9Tc_6B2IWxIrKc2Ul4E4j9wodZF6AgDufjF6egP2KnK23z_GiG3F691ZFzELl5xc8GED504Lh8DFKfCKR8gaysQvMztkqYEHt138-LYM/s728-e1000/phishing.jpg)
In what’s a new phishing technique, it has been demonstrated that the Application Mode feature in Chromium-based web browsers can be abused to create “realistic desktop phishing applications.”
Application Mode is designed to offer native-like experiences in a manner that causes the website to be launched in a separate browser window, while also displaying the website’s favicon and hiding the address bar.
According to security researcher mr.d0x – who also devised the browser-in-the-browser (BitB) attack method earlier this year – a bad actor can leverage this behavior to resort to some HTML/CSS trickery and display a fake address bar on top of the window and fool users into giving up their credentials on rogue login forms.