
Advanced Phishing Techniques: Analyzing Adversary-in-the-Middle and Browser-in-the-Browser Attacks in Modern Cybersecurity

Open Access | Mar 2025

DOI: https://doi.org/10.2478/cait-2025-0004 | Journal eISSN: 1314-4081 | Journal ISSN: 1311-9702
Language: English
Page range: 55 - 77
Submitted on: Dec 12, 2024
Accepted on: Feb 24, 2025
Published on: Mar 21, 2025
Published by: Bulgarian Academy of Sciences, Institute of Information and Communication Technologies
In partnership with: Paradigm Publishing Services
Publication frequency: 4 times per year

© 2025 Eric B. Blancaflor, Jacob O. Duldulao, John Vincent E. Espeño, Geoff Stephen M. Patag, Ma. Theresa Menor, Grace Lorraine Intal, published by Bulgarian Academy of Sciences, Institute of Information and Communication Technologies
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License.