It is a rainy Monday morning, and John is working from home in his cozy apartment. He has activated his VPN to access his business files, and everything is going well. Ding! It’s a new email!
The sender is unknown, but he opens it carefully. There is a link inside, but the URL seems to be legit, and curiosity makes him click on it. He lands on a really interesting website with cybersecurity news, and starts reading. But all of a sudden, his VPN goes down, and he needs to reconnect so as not to lose his work.
But in reality, the VPN connection is perfectly fine, and he has just fallen for a variant of the Browser-in-the-Browser attack. This time, the fake window does not simulate a new browser instance; it masquerades as another programme. Everything actually happens within the web page, but by then it’s too late…
