Search This Blog

Phishing Scam Disguised As Some of Victims' Most-Trusted Websites Hits Google Chrome's Mobile Browser

Google Chrome hit with new phishing scam that uses fake address bar to steal passwords and credit card information.



A shockingly simple however convincing phishing scam has struck Google Chrome's mobile browser, camouflaged as some of the victim' most-confided in and trusted sites.

Being alluded to as the 'Inception Bar' it has targeted on the Android mobile users for Chrome by utilizing a 'fake address'  bar that not just shows the name of a real site, yet in addition a SSL badge - used to confirm a site's authencity - demonstrating that the said page is protected.

This 'Initiation Bar' is basically a webpage inside a webpage where regardless of whether a user endeavors to scroll back up the top of the page to get to the address bar; they're constrained down, caught in the fake page.

As indicated by developer Jim Fisher, who posted about the endeavor on his own blog, hackers can utilize a blend of coding and screenshots to trap exploited people into surrendering their private information.

Fisher even exhibited that he had the capacity to change the displayed URL of his own site to that of HSBC Bank.




This trick is valuable especially for scammers who endeavor to cover a pernicious website page as a genuine one and steal significant data from uses like passwords and credit card information.

With some additional coding, Fisher says that the trick could be made increasingly advanced, by simply making the fake bar intuitive.

While his demo was done on Google Chrome, the trick would possibly influence different browsers with comparative highlights.

In any case Google has proceeded to introduce a rather large group of new security feature that explicitly targets phishing including forbidding embedded browsers and different highlights that notify users when they're perusing a 'potentially harmful' website.

Share it:

Google Chrome

Phishing scam

Security Breach