HomeWinBuzzer NewsGoogle Chrome and Microsoft Edge Application Mode Can Be Targeted by Phishing...

Google Chrome and Microsoft Edge Application Mode Can Be Targeted by Phishing Attacks

Threat actors are using Application Mode in Google Chrome and Microsoft Edge to start phishing attacks against users.

-

A new security report says a feature built into all browsers – including Chrome and Edge – is attracting a new type of technique. Specifically, the Application Mode tool gives threat actors a way to show login forms that look like desktop apps.

Developed by Google for Chrome, but also available in and other browsers, Application Mode is an interesting feature. It allows the browser to run websites as if they are a native app.

When using the mode, a website will open in a new window and will provide a simpler UI. The URL address bar and toolbars are not visible. If you are on Windows, the taskbar also disappears and is replaced by the website's favicon.

Phishing

However, phishing attackers are using it to generate login screens that look legitimate. So much so, unwitting users may not be able to tell the difference between the fake pages and the real ones.

Bleeping Computer reports can use Application Mode to build realistic-looking login forms. However, an attacker would need to start with the threat actor tricking the user into using a Windows shortcut that evokes the infected URL in Application Mode.

People are used to interacting with browsers and are less cautious than they might be with other phishing attack vectors.

It is worth noting the danger of the potential attack is limited because Application Mode launches locally on a PC. In other words, only the target device can be compromised.

Tip of the day: downloads can often be frustrating because they are several gigabytes in size and can slow down your internet connection. That means your device may work with reduced performance while the update is downloading. In our guide we show you how to limit bandwidth for Windows Update downloads, so they won't bother you again.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News