How does EviBITB work? A detailed guide

EviBITB is an extension that you can install on your web browser based on Chromium or Firefox. It allows you to use your smartphone or your NFC HSM card as an authentication key to access the websites you visit. This way, you do not need to enter your credentials on your keyboard, which reduces the risk of them being intercepted by malicious software.

But that’s not all. EviBITB also has a system of detection and removal of BITB iFrames. These are invisible elements that load content from another URL and try to deceive you into entering your authentication information. EviBITB analyzes the source code of the web page and identifies any possible BITB iFrames. If it finds any, it alerts you and offers you to remove them. You can also configure EviBITB to remove them automatically, without asking for confirmation.

By using EviBITB, you can be sure that the web page you see is the one you want to see, and that you do not risk giving away your data to hackers.

The warning window also offers you five buttons to act on the BITB iFrame:

• Close Warning: this button closes the warning window without performing any action on the BITB iFrame. You can use it if you trust the URL of the iFrame or if you want to ignore it.

• Never Show Warnings On This Site: this button adds the URL of the website you are visiting to a list of trusted sites. EviBITB will not alert you if it detects a BITB iFrame on these sites. You can use it if you are sure that the website is safe and does not contain any malicious iFrames.

• Destroy: this button deletes the BITB iFrame from the source code of the web page. You can use it if you do not trust the URL of the iFrame or if you want to get rid of it.

• Clean Storage: this button clears the data stored by the BITB iFrame in the browser, such as cookies or cache. You can use it if you think you have been exposed to a phishing attempt by iFrame and want to erase any traces of it.

• Read More: this button redirects you to a page where you can find more information about EviBITB and its benefits. You can use it if you want to learn more about how EviBITB works and how it can protect you from hackers on the web.

BITB stands for Browser-In-The-Browser. It is a phishing technique that creates a fake browser window within your web browser using HTML and CSS code. This fake window displays an iFrame of redirection, which is an invisible element that loads content from another URL. The iFrame of redirection mimics the appearance and functionality of a legitimate site, such as Google, Facebook, or Outlook, and asks you to enter your authentication information.

The problem is that this fake window also shows a legitimate URL in the address bar, as well as the icon and the title of the original site. This makes it very difficult to detect the phishing attempt, as most users rely on checking the URL to verify the authenticity of a site. Even if you use a secure connection (https), you are not safe from this attack.

BITB is a very dangerous phishing technique that can compromise your online security and privacy. It can allow hackers to access your accounts, steal your data, or even take over your identity.

EviBITB uses a sophisticated algorithm to analyze the source code of the web page you visit and detect any possible BITB iFrames. It looks for clues such as hidden elements, suspicious URLs, or mismatched styles that indicate a fake browser window.

When EviBITB detects a BITB iFrame, it alerts you by displaying a warning window at the bottom of your computer screen. This window tells you the URL of the iFrame of redirection and invites you to check if you trust this URL before entering any sensitive information such as passwords, emails or credit card details.

EviBITB also offers another feature to enhance your online security: authentication via NFC HSM (Near Field Communication Hardware Security Module). This feature allows you to use your smartphone or your NFC HSM card as an authentication key to access the websites you visit.

To use this feature, you need an NFC HSM device compatible with EviBITB. You can find more information about these devices on Freemindtronic’s website.

When you visit a website that requires authentication, such as Google, Facebook, or Outlook, EviBITB asks you to tap your NFC HSM device on your computer screen. This way, EviBITB verifies your identity and grants you access to the website without entering any credentials on your keyboard.

By using NFC HSM technology for authentication, EviBITB reduces the risk of keylogging or phishing attacks that try to capture your credentials.