Security researchers uncovered a series of phishing campaigns that use a rarely exploited method to steal login credentials, even when protected by encryption. The method relies on blob URIs, a browser feature designed to display temporary local content.

https://www.techradar.com/pro/cybercriminals-have-found-a-sneaky-way-of-stealing-tax-accounts-and-even-encrypted-messages-heres-what-you-need-to-know