Ever sign into a site using another credential? Browser-in-the-Browser phishing takes advantage of your familiarity with the process.