This is another experiment based off a phishing method i heard about a few months back. The phishing page makes it look like a new window has opened up. The tricky part about this phish is that the attacker can make the url in the url bar of the browser appear to be legitimate, as shown in the image below:
See the Always-Ti.red Browser in the browser phishing site
So how did we do this?
Its all an illusion!
The Microsoft Login window is not really a window at all. Its built in html, javascript and css and lives within my website which is open on your real browser.
To make this even more tricky an attacker can include code into thier BITB phishing site to ensure that the real browser opens in full screen.
https://github.com/mrd0x/BITB