1. Install Globus Baumarkt from Google Play (or sideload the APK).
2. Open the app once and complete onboarding (pick any market when asked). After that, just press HOME — leave the app alive in the recents stack.
3. Tap the red button below. The Globus app's in-app WebView will render this attacker-controlled phishing form.
4. Type any email/password and tap "Zahlung freigeben". View captures at /log.

Why "leave the app alive": the Globus app's MainActivity.onCreate() does not process intent.getData(), so universal links are only handled when the app is already running and they arrive via onNewIntent(). In a real phishing campaign the victim has the app warm in recents (they installed it because they shop at Globus). If the form does not appear, the app was force-stopped — open it once more and tap the button again.