Exemplifying Emerging Phishing: QR-based Browser-in-The-Browser (BiTB) Attack
Abstract
Lately, cybercriminals constantly formulate productive approaches to exploit individuals. This article exemplifies an innovative attack, namely QR-based Browser-in-The-Browser (BiTB), using proficiencies of Large Language Model (LLM) i.e. Google Gemini. The presented attack is a fusion of two emerging attacks: BiTB and Quishing (QR code phishing). Our study underscores attack's simplistic implementation utilizing malicious prompts provided to Gemini-LLM. Moreover, we presented a case study to highlight a lucrative attack method, we also performed an experiment to comprehend the attack execution on victims' device. The findings of this work obligate the researchers' contributions in confronting this type of phishing attempts through LLMs.
Keywords
Cite
@article{arxiv.2505.18944,
title = {Exemplifying Emerging Phishing: QR-based Browser-in-The-Browser (BiTB) Attack},
author = {Muhammad Wahid Akram and Keshav Sood and Muneeb Ul Hassan and Basant Subba},
journal= {arXiv preprint arXiv:2505.18944},
year = {2025}
}
Comments
This manuscript is of 5 pages including 7 figures and 2 algorithms