A bug found in all major browsers could make it easier for criminals to steal online banking credentials. A new type of attack called “in-session phishing” is called a new form of phishing. The attack would use HTML code that looks like a pop-up security alert window. The hard part would be convincing victims that this pop up notice is legitimate. The bug is expected to be fixed by browser makers and criminals who discover the flaw will eventually get patched. Researchers have developed other ways to determine whether a victim is logged into a certain site.”]
Source: https://www.csoonline.com/article/2123585/browser-bug-could-allow-phishing-without-e-mail.html