BitB attacks are a growing concern… BitB (browser within a browser) is a new phishing technique that replicates single sign-on pop-ups to steal login credentials. The attack uses a combination of HTML and CSS to mimic a fake browser design in a browser that is indistinguishable from a real login page. BitB attacks are especially dangerous because they can provide the victim with a legitimate URL on a phishing site. In May, a company was identified (https://www.phishlabs.com/blog/why-bitb-attacks-are-concerning/) targeting financial institutions and using a fake authorization form a la Office 365 (O365). To get a simple idea of how the BitB attack works, you can check out the following article (https://infosecwriteups.com/bitb-browser-in-the-browser-attack-e2008c405701) and repository (https://github.com/ surya-dev-singh/BITB-framework). Since the attack is based on HTML code, it is difficult to detect and it is difficult to create an indicator of compromise (IOC). One possible detection method is to check if the SSO popup can go beyond the browser.