Attackers using fake search bar in Chrome for phishing

Share on facebook
Share on twitter
Share on linkedin
Share on email

While most cyberattacks or exploits often rely on flaws in order to trick online users, some are far less complex. Case in point a recently discovered exploit for Chrome, which developer James Fisher uncovered.

Said exploit is specifically designed for the mobile version of the Google browser, and involves a fake address bar popping up on-screen when users scroll down from the top.

The bar will only disappear if a user clicks on to a redirect, and Fisher adds that attackers can even create a page that hides the real search bar from a user’s view.

While Fisher’s exploit is only designed for Chrome, Engadget adds that it could theoretically be applied to a multitude of browsers and platforms. If that indeed happens, though, remains to be seen.

As such it’s important for Chrome users to be aware and on the look for out any suspicious looking sites or pop-up address bars, particularly on mobile. No fix has been detailed at this stage, but 9to5Google says the real address bar can be forced to display by switching on and off your phone’s screen.

Engadget has also reached out to Google for comment, but no official response has been issued just yet. There’s also no certainty about how many phishers are employing this newly discovered technique, but Chrome users are urged to be on the look out.

[Image – CC 0 Pixabay]

Robin-Leigh Chetty

Robin-Leigh Chetty

When he's not reviewing the latest smartphones, Robin-Leigh is writing about everything tech-related from IoT and smart cities, to 5G and cloud computing. He's also a keen photographer and dabbles in console games.