- In 2026, the corporate browser is the new battlefield, and the prime target is workforce identities.
- Over 90% of incidents originate from credential reuse or incomplete identity controls.
- Basic MFA is no longer enough. Modern phishing techniques such as BitB (browser-in-the-browser), AiTM (adversary-in-the-middle), and ClickFix capture credentials and tokens inside browser sessions.
- Small and midmarket firms are at the highest risk because they often lack dedicated security expertise. So, just one compromised credential can lead to severe operational, financial, and reputational impact.
- Effective identity security now requires control at the credential layer.
- LastPass provides identity security aligned to this browser-first reality.
A browser-based credential attack is any attack that harvests login credentials, session tokens, or authentication cookies from your browser. In 2026, these attacks now account for 47% of all initial access, making the browser the single highest-risk entry point.
Every device in your organization runs a browser. And active browsers are where credentials freely circulate, untracked and unprotected. The newest wave of browser-based credential attacks, from ClickFix campaigns to browser-in-the-browser (BitB) phishing, is specifically designed to exploit this reality.
The question is no longer whether your industry is a target, but whether your identity security can handle the threats that bypass your current browser protections.
Credential theft is evolving. Is your identity security keeping up in 2026?
For many, identity security hasn’t kept pace with modern attacks.
- Time-to-exfiltration has been compressed to about 72 minutes after initial access — four times faster than in 2025.
- Over 90% of confirmed incidents are due to limited visibility or identity security gaps, not zero-day exploits.
- 97% of identity attacks are password spray or brute force attacks. Just 3% are token theft, AiTM (adversary-in-the-middle), OAuth consent phishing, and exotic MFA bypasses.
So, why do the remaining 3% get the loudest coverage in security circles?
Because ClickFix campaigns, AiTM, and BitB credential harvesting are specifically engineered to bypass the browser protections you currently have.
This includes basic MFA. SMS codes, email OTPs, and push notifications can all be intercepted, and AiTM proves it. In 2025, 84% of analyzed AiTM intrusions were not stopped by basic MFA.
If you’re evaluating identity security in 2026, the question isn’t which matters more (the 97% of credential-based attacks or 3% of MFA bypasses) but whether your current stack is built to handle both.
Increasingly, both are part of the same attack chain.
Attackers use credential spraying to map valid accounts and then use more browser-native techniques that bypass basic MFA to finish the job.
Three methods are doing the heaviest lifting: ClickFix, BitB phishing, and AiTM.
Before we get into why small and midmarket businesses absorb a disproportionate share of these attacks, it’s worth understanding how all three attacks work and why traditional defenses miss them.
How does ClickFix work, and why has it taken over initial access?
ClickFix is the browser attack technique that has defined credential compromise in 2026. It now accounts for 47% of all initial access intrusions, up 500% from its 2024 baseline.
ClickFix is a social engineering technique that displays a fake CAPTCHA or system alert inside your browser window. It instructs you to open your command terminal and paste a command.
When you do this, malware is downloaded to your device, allowing attackers to harvest your browser passwords, cloud credentials, and crypto wallets.
What’s new in 2026: ClickFix doesn’t just exploit people. It also exploits AI agents.
The most striking example of how this is evolving is PleaseFix, a ClickFix variant that tricks your AI agent into exfiltrating YOUR data to an attacker-controlled machine while performing a routine task for you.
I recently chatted with Numan Ahmad, who works in Product Engineering at ObjectSingle Technologies, and he warns that AI agents are highly vulnerable by design as they have no native ability to distinguish between trusted and malicious instructions inside a single context window.
If your team has granted AI agents access to corporate credentials, you must enforce least privilege access.
In LastPass, least privilege controls apply to human users. But because AI agents inherit access via human credentials, governing what people can access in the first place limits what a hijacked agent can reach. And when your team identifies a compromise, those same controls let you revoke and rotate credentials across connected apps fast.
Try LastPass free to get the controls you need to protect your business.
What ClickFix variants are active right now?
The ClickFix variants most active right now are:
- CrashFix, which redirects to the official Chrome store. The goal is to get you to install a fake, malicious version of the uBlock Origin Lite ad blocker.
- FileFix, which delivers a final stage StealC infostealer. The target is your browser and cloud credentials, crypto wallets, and messaging apps.
- Matryoshka macOS Variant, which deploys an AppleScript stealer after you paste a command into Terminal. The target is your credentials and hardware crypto wallets.
- ConsentFix, which generates a fake OAuth consent screen to authorize access. This allows attackers to capture your OAuth authentication codes or tokens, so they can log in as you to SaaS apps.
ClickFix variants can deliver final payloads like:
- LummaStealer (a credential harvesting infostealer)
- Remote access trojans (RAT) like Xworm and AsyncRAT
- Loaders like Latrodectus, which can deliver even more malware
Many of these payloads are fileless and can bypass traditional file-based endpoint protection. You’ll need an XDR with behavioral analytics and memory-aware endpoint monitoring to properly defend against these modern fileless attacks.
What is browser-in-the-browser (BitB) phishing, and why does it bypass standard MFA?
In browser-in-the-browser (BitB) phishing, the attacker uses HTML, CSS, and JavaScript to fake a login window inside a lookalike branded page.
On your end, it looks like a real Microsoft, Facebook, or Google sign-in pop-up. The legitimate domain may even appear in the address bar of the pop-up display.
As of January 2026, BitB functionality has been added to at least two Phishing-as-a-Service kits — Sneaky2FA and Raccoon0365 — making browser attacks even more accessible to low-skilled threat actors.
Why doesn’t standard MFA stop BitB attacks?
In a BitB attack, the attacker’s reverse proxy sits between you and the real platform, be it Amazon, Facebook, or Steam.
If you enter credentials into the fake pop-up and then complete basic MFA, all of this is passed to the real site, which will then issue a session token.
This token is captured by the proxy, which means the attacker can now open the session and act as you, until the token expires, at least.
Since BitB attacks are session or token-based, classic MFA is ineffective once the session has been hijacked.
How do you spot a BitB window before you enter your credentials?
Three indicators can help you spot a BitB scam:
1. The pop-up doesn’t trigger autofill
2. The window can’t be dragged outside the browser frame
3. The window can’t be minimized independently of the browser
That first signal is your clearest sign. If your IDaaS (identity-as-a-service) provider doesn't recognize the login window and won’t autofill, treat the pop-up as hostile.
Don’t enter your credentials yourself.
IDaaS providers like LastPass also provide phishing-resistant FIDO2 MFA that is bound to specific domains and your device, making your credentials much harder to capture in reverse proxy or browser-in-the-browser flows. You can try LastPass for free to learn more.
Why are small to midmarket firms the primary target for browser-based credential attacks?
Attacks on small and mid-sized businesses grew 20.8% year-over-year in 2026. For organizations with 50-500 employees and lean IT teams, the browser attack surface is almost entirely unmonitored.
In addition, the standard small business security stack — basic EDR, email filtering, standard MFA — was built for a threat model dominated by malicious attachments and malware on disks.
These controls are largely defenseless against AiTM reverse proxies stealing session tokens or employees voluntarily executing ClickFix payloads because they think they’re completing valid CAPTCHAs.
Here’s what makes small to midmarket firms structurally more exposed:
- No browser-level visibility. Most small to midmarket firms don't monitor browser telemetry, so credential theft goes undetected until real operational and financial damage occurs.
- Password reuse across SaaS tools. One credential set often provides access to multiple business-critical apps.
- No passkey deployment. FIDO2 logins using passkeys or hardware security keys are the only phishing-resistant authentication methods. But most SMBs haven't deployed them: In 2026, only 26% of small businesses use MFA. And of the ones that do, the preferred methods are SMS, email, and TOTP apps — none of which are phishing-resistant.
How does an IDaaS provider like LastPass stop browser-based credential attacks?
Fake login windows won’t trigger autofill because the page’s actual domain doesn't match the domain stored with the credential. In addition to autofill, LastPass also provides the identity control layer your team needs:
- Advanced SSO across federated and non-federated apps
- MFA policy enforcement with audit logging
- Shadow SaaS and AI discovery for credentials created outside IT oversight
- Dark Web Monitoring alerts on compromised credentials
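As an added example, not LastPass code, here is a minimal domain-matched autofill decision of the kind the first BitB indicator above and the autofill point rely on: the decision uses only the page's real origin (`location.origin`), never the address bar text a BitB pop-up paints inside the page. The https-only, same-port, exact-host-or-subdomain policy is an assumption; real managers refine matching with a public suffix list.

```javascript
// Added example (not LastPass's implementation): domain-matched autofill.
// The only trustworthy input is the browser's real page origin. Anything
// rendered inside the page, such as a BitB fake address bar, is ignored.

// Assumed policy: https only, same port, exact host or a subdomain of the
// stored host. A production manager would match on the registrable domain.
function matchesStoredOrigin(storedUrl, actualOrigin) {
  let stored, actual;
  try {
    stored = new URL(storedUrl);
    actual = new URL(actualOrigin);
  } catch (e) {
    return false; // unparseable input never autofills
  }
  if (stored.protocol !== 'https:' || actual.protocol !== 'https:') return false;
  if (stored.port !== actual.port) return false;
  // URL lowercases and punycode-encodes hostnames, so a homoglyph host such as
  // "googlе.com" (Cyrillic е) becomes "xn--..." and cannot equal the stored host.
  const sh = stored.hostname;
  const ah = actual.hostname;
  return ah === sh || ah.endsWith('.' + sh);
}

// renderedAddressBar is the text a BitB page paints in its fake pop-up. It is
// accepted only to make the point that it plays no part in the decision.
function shouldAutofill(credential, pageOrigin, renderedAddressBar) {
  void renderedAddressBar; // deliberately unused
  return matchesStoredOrigin(credential.url, pageOrigin);
}

// Constructed sample: one stored credential and several page origins.
const cred = { url: 'https://accounts.google.com/signin', username: 'alice' };
const cases = [
  ['https://accounts.google.com', 'accounts.google.com'],              // genuine
  ['https://accounts.google.com.evil.example', 'accounts.google.com'], // suffix lookalike
  ['https://evil.example/?next=accounts.google.com', 'accounts.google.com'], // host in query
  ['https://accounts.googl\u0435.com', 'accounts.google.com'],         // Cyrillic е homoglyph
  ['http://accounts.google.com', 'accounts.google.com'],               // downgraded scheme
];
for (const [origin, painted] of cases) {
  console.log(origin, '->', shouldAutofill(cred, origin, painted) ? 'autofill' : 'no autofill');
}
```

Only the first case autofills; the painted address bar text is identical in every case, which is exactly why it cannot be the signal.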
Why does traditional identity security fall short in 2026?
Traditional identity security was built for a different threat era, one where the network was the perimeter and credentials lived mostly in directories.
Today’s browser-based threats, however, test the very limits of the controls you’ve always trusted, such as EDR, SMS MFA, and even SSO.
This table shows where traditional controls fall short.
What traditional identity security covers and where it breaks in the browser
| Traditional control | What it was designed to stop | Why it fails against browser-based attacks |
|---|---|---|
| Passwords | Prevent weak or reused credentials | Session tokens and OAuth grants bypass passwords entirely |
| MFA / 2FA | Verify user presence at login | AiTM and BitB attacks use reverse proxies to relay MFA codes in real time |
| SSO / Identity provider | Centralize authentication | SSO alone doesn’t cover every SaaS or AI tool |
| Basic EDR endpoint security | Detect malware and suspicious processes | ClickFix and BitB can succeed without traditional malware written to disk |
I have Microsoft Defender for Cloud Apps (MDCA). Why do I need LastPass?
Most legacy controls were never designed to evaluate whether a login window is genuine or whether credentials are being reused across unapproved SaaS and AI tools.
That gap (inside an authentication session) is where modern browser-based credential attacks succeed. Closing it requires three coordinated layers.
- Layer #1: Simplified, secure sign-ons. See where credentials are actually being entered and get in-browser warnings to guide secure behavior. This layer operates inside the live browser login experience.
- Layer #2: Controlled access for everyone. Every app credential must be unique, random, and encrypted. This forces attackers to confront the challenge of strong, centralized encryption rather than a sprawl of unprotected credentials across multiple standalone apps.
- Layer #3: SaaS and AI visibility. Get visibility into what apps exist so you can enforce the right identity protections for your business.
If you have Microsoft Defender for Cloud Apps (MDCA), you may think it already covers all the above.
But if MDCA isn’t fully configured or operationalized, you’ll still have credential sprawl.
While MDCA plays a critical role in SaaS governance and cloud session control, it doesn’t close the credential and identity gap.
Understanding how session control and identity security differ — and how they can work together — is essential to modern browser security.
How LastPass & MDCA handle browser-based credential risk
| Capability | LastPass (credential layer identity security) | Microsoft Defender for Cloud Apps (MDCA) |
|---|---|---|
| Primary focus | SaaS Monitoring + credential hygiene inside the browser | Cloud app governance, SaaS risk discovery, and session-level controls |
| Browser login context | Uses domain-matched autofill to reduce risks from lookalike login windows | Relies on IdP (identity provider) and reverse-proxy controls; doesn’t provide browser autofill |
| How SaaS usage is discovered | Through credentials and login activity in the browser | Through network telemetry and activity logs |
| SSO coverage across federated & non-federated apps | Yes, enforces access policies consistently across apps — including those that don’t support SSO | Provided by Microsoft Entra ID, not part of MDCA |
| MFA policy enforcement | Yes, applies authentication policies based on browser login behavior | Provided by Microsoft Entra ID, not part of MDCA |
| FIDO2 passkey and hardware security key support | Yes, enables phishing-resistant authentication where basic MFA can be bypassed | Provided by Microsoft Entra ID, not part of MDCA |
| Dark Web Monitoring | Yes | Yes, but only in Microsoft Defender, not MDCA |
| Deployment effort | Existing browser extension; easy setup with immediate visibility | Requires deploying and configuring Defender for Endpoint agents, setting up log collection, and navigating multiple admin portals |
| Effective monthly cost to enable this coverage | $9/user/month (LastPass Business Max) | $34/user/month (Business Premium + E5 Security add-on). Microsoft 365 E5 full license is $57/user/month |
*Microsoft product capabilities vary by license, configuration, and deployment model. Microsoft Entra ID and Microsoft Defender for Cloud Apps are distinct products that work together as part of Microsoft’s broader security platform.
How LastPass works with MDCA
- LastPass: Immediately reduces credential-driven risk with SaaS visibility and granular access controls.
- Better together: MDCA discovers and assesses SaaS usage and app risk. LastPass reduces the credential risk behind that usage (reused credentials, unmanaged access paths, risky login habits).
Read how companies like Axxor are closing the browser identity security gap with LastPass and then book a 20-minute session to surface credentials across your SaaS.
Sources
- ESecurity Planet: CyberProof 2026 report warns of rising identity and AI cyberattacks
- Startup Defense: Browser-based attacks in 2026: What every startup needs to know
- HelpnetSecurity: Browser-in-the-browser phishing is on the rise: Here’s how to spot it (2026)
- Cybersecurity Insiders: What are the most dangerous cybersecurity threats to your website in 2026?
- SonicWall: 2026 Cyber Protect report
- Palo Alto Networks Unit 42 Report: AI and attack surface complexity fuel majority of breaches
- Infosecurity Magazine: Phishing scams exploit browser-in-the-browser attacks to steal Facebook passwords (2026)
- SC World: BitB phishing tactic increasingly used to compromise Facebook credentials (2026)
- Microsoft Digital Defense Report (2025)