One piece of advice that you often hear and read for avoiding phishing is to check the URL of the website you’re visiting. If you’re trying to log into Facebook but the URL says something different, there is a very good chance that you’re being phished.
You can also check the URLs of the popup windows used for single sign-on (SSO) with Google, Apple, Facebook, and so on. However, security researcher mr.d0x has created a new Browser-in-the-Browser attack which, in theory, would let hackers recreate SSO popups that display the “correct” URL, fooling users into possibly handing over their login credentials.
Speaking to BleepingComputer, mr.d0x said that the templates he created are pretty easy to use and can be used for browsers like Google Chrome, which happens to be one of the most used browsers in the world. The problem with attacks like these is that, in the past, more seasoned users might have noticed that something looked a little off in the images, let alone the URL, but with the templates mr.d0x created, you would be hard-pressed to tell the difference.
The good news is that since this exploit is now out in the wild, it will hopefully allow companies like Google, Apple, Microsoft, and other browser makers to come up with a way to address the issue and give users a safer browsing experience.