"The pop-up browser window that you are seeing, prompting me to sign in IS NOT A REAL BROWSER WINDOW. The website author has faked the Firefox UI and I believed it on first glance. The window loaded, drags, closes, and behaves exactly as you would expect. The fake url is https and the fake certificate looks valid, since it is just pixels on a screen. If only they would use the prefers-color-scheme css selector to make the top bar dark, I would have fallen for this trap. A single right click on the red "close this window" button revealed "Inspect Element". Oof, this trick got to real for me. I never gave them any credentials, so my account is still safe.

Be very careful out there, this attack will only become more believable in the future."