
Advanced Phishing Techniques: Analyzing Adversary-in-the-Middle and Browser-in-the-Browser Attacks in Modern Cybersecurity

Open Access | Mar 2025

References

  1. Denbigh-White, C. 2023 Verizon Data Breach Investigations Report: 7 Takeaways. Next DLP, 2024. https://www.nextdlp.com/resources/blog/seven-takeaways-from-2023-verizon-data-breach-investigations-report
  2. Ventura, J. Takeaways from the Verizon 2023 Data Breach Investigations Report. ThreatX, 2023. https://www.threatx.com/blog/takeaways-from-the-verizon-2023-data-breach-investigations-report/
  3. Bejamas. What Are AITM Attacks and How to Protect Against Them. Descope, 2024. https://www.descope.com/learn/post/aitm-attack
  4. Brawner, M., K. Wojcieszek, G. Glass, R. Hicks. Rise in MFA Bypass Leads to Account Compromise. Kroll, 2023. https://www.kroll.com/en/insights/publications/cyber/mfa-bypass-leads-to-account-compromise
  5. Trivedi, A. Identifying Adversary-in-the-Middle (AiTM) Phishing Attacks through 3rd-Party Network Detection, 2023. https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/identifying-adversary-in-the-middle-aitm-phishing-attacks/ba-p/3991358
  6. Microsoft Threat Intelligence. Detecting and Mitigating a Multi-Stage AiTM Phishing and BEC Campaign. Microsoft Security Blog, 2023. https://www.microsoft.com/en-us/security/blog/2023/06/08/detecting-and-mitigating-a-multi-stage-aitm-phishing-and-bec-campaign/
  7. APWG. Phishing Activity Trends Report, 2024. https://docs.apwg.org/reports/apwg_trends_report_q4_2023.pdf
  8. Alkhalil, Z., C. Hewage, L. Nawaf, I. Khan. Phishing Attacks: A Recent Comprehensive Study and a New Anatomy. – Front. Comput. Sci., Vol. 3, March 2021. DOI: 10.3389/fcomp.2021.563060.
  9. Arctic Wolf. History of Cybercrime. Arctic Wolf, 2024. https://arcticwolf.com/resources/blog/decade-of-cybercrime/
  10. Microsoft Threat Intelligence. Microsoft Digital Defense Report 2023 (MDDR), 2023. https://www.microsoft.com/en-us/security/security-insider/microsoft-digital-defense-report-2023
  11. Naqvi, B., K. Perova, A. Farooq, I. Makhdoom, S. Oyedeji, J. Porras. Mitigation Strategies against the Phishing Attacks: A Systematic Literature Review. – Computers & Security, Vol. 132, 2023, 103387. DOI: 10.1016/j.cose.2023.103387.
  12. IBM. Cost of a Data Breach 2024 | IBM. Cost of a Data Breach Report, 2024. https://www.ibm.com/reports/data-breach
  13. Desolda, G., L. Ferro, A. Marrella, M. Costabile, T. Catarci. Human Factors in Phishing Attacks: A Systematic Literature Review. – ACM Computing Surveys, Vol. 54, 2022, No 35. DOI: 10.1145/3469886.
  14. Birgisson, A., D. K. Smetters. So Long Passwords, Thanks for all the Phish. Google Online Security Blog, 2023. https://security.googleblog.com/2023/05/so-long-passwords-thanks-for-all-phish.html
  15. Proofpoint. 2024 State of the Phish Report: Phishing Statistics & Trends | Proofpoint US. Proofpoint, 2024. https://www.proofpoint.com/us/resources/threat-reports/state-of-phish
  16. NIST. NIST Special Publication 800-63B. Digital Identity Guidelines Authentication and Lifecycle Management, 2017. https://pages.nist.gov/sp800-63b.html
  17. Mandiant. M-Trends 2023 Special Report. Mandiant, 2023. https://www.mandiant.com/resources/reports/m-trends-2023-special-report
  18. MITRE. Modify Authentication Process, Technique T1556 – Enterprise | MITRE ATT&CK®. The MITRE Corporation, 2023. https://attack.mitre.org/techniques/T1556/
  19. Mohapatra, H., S. Rath, S. Panda, R. Kumar. Handling of Man-In-The-Middle Attack in WSN. – Intrusion Detection System, Vol. 8, May 2020, pp. 1503-1510.
  20. Amft, S., S. Höltervennhoff, N. Huaman, A. Krause, L. Simko, Y. Acar, S. Fahl. “We’ve Disabled MFA for You”: An Evaluation of the Security and Usability of Multi-Factor Authentication Recovery Deployments. – In: Proc. of 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS ’23), 21 November 2023. Association for Computing Machinery, New York, NY, USA, 2023, pp. 3138-3152. DOI: 10.1145/3576915.3623180.
  21. Gavazzi, A., R. Williams, E. Kirda, L. Lu, A. King, A. Davis, T. Leek. A Study of Multi-Factor and Risk-Based Authentication Availability. – In: Proc. of 32nd USENIX Security Symposium (USENIX Security 23), 2023, pp. 2043-2060. https://www.usenix.org/conference/usenixsecurity23/presentation/gavazzi
  22. Rajendran, H. H. Enhance MITM Attack Detection with Response Time in Secure Web Communication. Master's thesis, National College of Ireland, Dublin, 2022. https://norma.ncirl.ie/6540/
  23. Chavoshi, H. R., A. H. Salasi, O. Payam, H. Khaloozadeh. Man-in-the-Middle Attack Against a Network Control System: Practical Implementation and Detection. – In: Proc. of 64th IEEE International Scientific Conference on Information Technology and Management Science of Riga Technical University (ITMS), October 2023, pp. 1-6. DOI: 10.1109/ITMS59786.2023.10317671.
  24. Cekerevac, Z., P. Cekerevac, L. Prigoda, F. Al-Naima. Security Risks from the Modern Man-in-the-Middle Attacks.
  25. OWASP. OWASP Top 10, 2023: A10 Browser-in-the-Browser Attacks. Open Web Application Security Project, 2023. https://owasp.org/www-project-top-ten/
  26. Rescorla, E. Security Considerations for WebRTC. – Internet Engineering Task Force, 2021. DOI: 10.17487/RFC8826.
  27. Perception Point. What Is a Browser-in-the-Browser (BitB) Attack? Perception Point, 2024. https://perception-point.io/guides/phishing/what-is-a-browser-in-the-browser-bitb-attack/
  28. Mozilla. Web Security Guidelines: Pop-up Authentication Windows. Mozilla Web Security, 2024. https://infosec.mozilla.org/guidelines/web_security
  29. FBI. Internet Crime Report 2023. Federal Bureau of Investigation. https://www.fbi.gov/contact-us/field-offices/sanfrancisco/news/fbi-releases-internet-crime-report
  30. FS-ISAC. Global Intelligence Office Report: BiTB Attacks in Financial Services, 2024. https://www.fsisac.com/newsroom/fsisac-report-finds-global-cyberthreats-accelerate-as-cybercriminals-and-nation-state-actors-converge-and-collaborate
  31. Alsaffar, M., S. Aljaloud, B. A. Mohammed, Z. G. Al-Mekhlafi, T. S. Almurayziq, G. Alshammari, A. Alshammari. Detection of Web Cross-Site Scripting (XSS) Attacks. – Electronics, Vol. 11, January 2022, No 14, 2212. DOI: 10.3390/electronics11142212.
  32. Kusumo, W., A. Erlangga, M. R. Ramadhan. Potential Security Issues in Implementing IaaS and PaaS Cloud Service Models.
  33. Europol. Internet Organised Crime Threat Assessment (IOCTA) 2023. Europol, 2024. https://www.europol.europa.eu/publication-events/main-reports/internet-organised-crime-threat-assessment-iocta-2023
  34. SWIFT. Swift Customer Security Controls Framework. Society for Worldwide Interbank Financial Telecommunication, 2024. https://www.swift.com/myswift/customer-security-programme-csp/security-controls
  35. FinCEN. Financial Trend Analysis: Cybercrime and Cyber-Enabled Crime Against Financial Institutions. Financial Crimes Enforcement Network, 2024. https://www.fincen.gov/resources/financial-trend-analyses
  36. HHS. Healthcare Cybersecurity Report: Rising Threats in Medical Systems, 2023. https://www.hhs.gov/about/news/2023/04/17/hhs-cybersecurity-task-force-provides-new-resources-help-address-rising-threat-cyberattacks-health-public-health-sector.html
  37. OCR. HIPAA Security Rule Compliance Guide, 2009. https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html
  38. CISA. Federal Civilian Executive Branch Agency Cybersecurity Incident and Vulnerability Response Playbooks, 2024. https://www.cisa.gov/resources-tools/resources/federal-government-cybersecurity-incident-and-vulnerability-response-playbooks
  39. O’Brien, J. Higher Education Information Security Council Report: Phishing in Academia. EDUCAUSE Review, 2020. https://er.educause.edu/articles/2020/5/digital-ethics-in-higher-education-2020
  40. Gartner. Market Guide for Zero Trust Network Access. Gartner, 2023. https://www.gartner.com/en/documents/4632099
  41. Google. Safe Browsing: Protecting Web Users for 15 Years and Counting. Google Security Blog, 2023, 2024. https://www.googblogs.com/category/online-security-blog/page/3/
  42. FIDO Alliance. FIDO2: Web Authentication (WebAuthn). FIDO Technical Specifications, 2023. https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html
  43. BeEF Project. BeEF – The Browser Exploitation Framework Project. https://beefproject.com/
  44. OWASP. Cross Site Scripting (XSS) | OWASP Foundation. https://owasp.org/www-community/attacks/xss/
  45. Gillis, A. S. What is a Man-in-the-Browser Attack? TechTarget SearchSecurity. https://www.techtarget.com/searchsecurity/definition/man-in-the-browser
DOI: https://doi.org/10.2478/cait-2025-0004 | Journal eISSN: 1314-4081 | Journal ISSN: 1311-9702
Language: English
Page range: 55 - 77
Submitted on: Dec 12, 2024 | Accepted on: Feb 24, 2025 | Published on: Mar 21, 2025
In partnership with: Paradigm Publishing Services
Publication frequency: 4 issues per year

© 2025 Eric B. Blancaflor, Jacob O. Duldulao, John Vincent E. Espeño, Geoff Stephen M. Patag, Ma. Theresa Menor, Grace Lorraine Intal, published by Bulgarian Academy of Sciences, Institute of Information and Communication Technologies
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License.