it-sicherheit.de Reports on the Discovery of a New Phishing Method

Our recently published finding on a new phishing method has also been picked up by it-sicherheit.de. Cyber security specialists at Certitude have identified how attackers can exploit the browser’s fullscreen functionality unnoticed and potentially bypass phishing protection mechanisms. This enables the display of manipulated Windows login screens.

A detailed example of a possible attack scenario can be found at the following link
Phishing method using fullscreen hijacking discovered

The underlying analysis with a detailed attack scenario can be found in our research blog:
Abusing Modern Browser Features for Phishing – Certitude Blog