Beware of fake websites that look exactly like official ones; know how easily they are made

tech.hindustantimes.com:

Hackers are finding new and unique ways to hack your desktop or other devices. And now, a new phishing technique has been found that demonstrates that the Application Mode feature in Chromium-based web browsers namely Google Chrome and Microsoft Edge, can be abused to create realistic desktop phishing applications. Informing about the same mrd0x.com said in a blog post. "In this blog post I show how Chromium's application mode allows us to easily create realistic desktop phishing applications."

The blog post further informed that the Chromium-based browsers support the app command line flag. This flag will launch a website in application mode which does several things, which are mentioned below:

1. Causes the site to be launched in a separate browser window

2. The launched window is given a desktop application appearance rather than a browser appearance

3. The Windows Taskbar displays the website's favicon rather than the browser's icon

4. Launches the website while hiding the address bar.

"We can see the Windows Taskbar is displaying the site's favicon as the icon," the blog post read.

mrd0x.com further said, "Since application mode hides the address bar, it's up to us now to create the fake address bar. I used the address bar HTML/CSS from my BITB repo (it's signatured so avoid using it in a real engagement) and included it at the top of my site. The Windows Taskbar will display the website's icon and since I changed mine to Microsoft's logo, the taskbar will now reflect that."

While coming to external or internal phishing, the blog post explained, "Although this technique is meant more towards internal phishing, you can technically still use it in an external phishing scenario. You can deliver these fake applications