Friday, January 27, 2023
  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
No Result
View All Result
Home Mobile Apps

New Phishing Method On Android OS Involves Chrome Browser And Fake Address Bar

by Ian Chee
April 29, 2019
Chrome Android
225
SHARES
Share on FacebookShare on Twitter

The address bar is something that is commonly relied on as a feature used to visit intended sites. A developer has demonstrated that websites can replicate Chrome for Android’s address bar and Tabs UI, masking their true identity. Doing this allows phishing sites to disguise themselves as a legitimate site and proceed to steal sensitive information.

In his blog, Jim Fisher demonstrated just how the fake address bar shows up. As you scroll down on a web page, the address bar typically fades away to make space for the page’s content. When this happens, the fake address bar shows up, and fools users into thinking it’s the real, trustworthy thing.

The fake site employing this can also trick the browser to never display the real address bar. Even when you try scrolling to the top of the page, a padding can be added so that you’ll never hit the very top, and the page scrolls you back down to where the content started.

ADVERTISEMENT

Fisher says that all he did for his proof-of-concept is taking a screenshot of the Chrome address bar. He adds that, with more work, the phishing site can detect which browser is being used so that the fake address bar mimics the UI of the real thing.

https://d33wubrfki0l68.cloudfront.net/783bd862c3df19b6fb4eac0b4f687d598c957891/a3915/assets/2019-04-27/demo.webm

9to5Google reports that one way you can check if you’re seeing the real address bar is to lock your phone and unlock it again. We tested this, and can verify that doing this forces the actual address bar to show, in addition to the fake one which will stay below it. It’s a countermeasure that works in this instance, or when you actively suspecting that something is wrong.

Either way, it pays to be more careful whenever you’re surfing the web while using Chrome for Android. You can check Fisher’s blog while using Chrome in order to experience the act yourself, though we can’t think of a reason that you would want to.

(Source: James Fisher via 9to5Google)

Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news. 

Tags: AndroidChrome for AndroidPhishing
Back to top
Share90Tweet56SendShare

RELATED ARTICLES

apple airtag battery
Mobile

Google May Be Working On AirTag Equivalent Codenamed Grogu

by Ian Chee
January 18, 2023
WhatsApp Chat Feature
Apps

WhatsApp May Let You Transfer Chats Between Android Devices Without Google Drive

by Heirul Kamel
January 16, 2023
apple magsafe wireless charging
Mobile

Meet Qi2: The New Universal Wireless Charging Standard Based On Apple’s MagSafe

by Ikmal Rozlan
January 4, 2023
celcom awas always scam awareness
Telco

Celcom Wants You To Report Scams With Its Awas Always Campaign

by Ikmal Rozlan
December 15, 2022
Load More

ADVERTISEMENT

LOWYAT.TV

No Result
View All Result

TRENDING TODAY

  1. 1
    Fintech

    Touch ‘n Go To Be Scrutinise By KPDN’s Task Force Soon

  2. 2
    Entertainment

    Malaysia’s First IMAX With Laser Hall Is Now Open At GSC IOI City Mall East

  3. 3
    Automotive

    The First TNB Electron DC Fast Chargers Are Now Operational

  4. 4
    Fintech

    Touch ‘n Go To Provide Clarification Regarding Visa Card Issues To Government

  5. 5
    Apps

    New Phishing Method On Android OS Involves Chrome Browser And Fake Address Bar

Consumer Tech News & Reviews Malaysia

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Contact Us
  • Editorial Policy
  • Terms & Conditions

©2022 LOWYAT MEDIA, LLC. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables

©2022 LOWYAT MEDIA, LLC. ALL RIGHTS RESERVED.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
We use cookies to improve your experience. Learn More.