Skip to main content
Threat playbook

Category: Deception & Impersonation

Deception & Impersonation

Browse threats in this category, plus related secure app guides and AI security pages. Each threat page focuses on how the risk shows up in the browser and what isolation changes.

At a glance

  • 6 threats in this category
  • Last updated: 2026-01-29

Common themes

  • phishing
  • deception
  • impersonation
  • domains
  • login
  • malware
  • ads
  • brand

Threats in Deception & Impersonation

Brand impersonation

Brand impersonation is when attackers mimic a trusted company (logo, language, UI) to get users to click, log in, or pay.

Homograph attacks (lookalike characters)

A homograph attack uses lookalike characters (often from different alphabets) to create a domain that visually resembles a trusted brand.

Malicious redirects

Malicious redirects send users through a chain of sites to hide the final destination—often ending in phishing, scams, or malware downloads.

Rogue browser notifications

Rogue browser notifications abuse the browser’s notification permission to spam users with scam alerts, fake security warnings, or phishing links.

Tabnabbing

Tabnabbing is a trick where a background tab changes into a fake login page, hoping the user returns later and enters credentials.

Typosquatting

Typosquatting is when attackers register domains that look like a real brand but rely on typos or subtle differences to fool users.

Keep exploring

Access anything.
Expose nothing.

Legba is a disposable real browser: it spawns a clean session, does the work, and destroys itself on close.

Get started
Read the docs

chromium / real fingerprint · residential ip · burn on close

Real browser. Real IP. Real page. Spawn a session. Do the work. Destroy it. Off your device. Off your stack. Gone on close.