diff --git a/apps/browser/src/vault/fido2/content/messaging/messenger.ts b/apps/browser/src/vault/fido2/content/messaging/messenger.ts
index 0f6929c5bcb..103a0c23191 100644
--- a/apps/browser/src/vault/fido2/content/messaging/messenger.ts
+++ b/apps/browser/src/vault/fido2/content/messaging/messenger.ts
@@ -24,10 +24,16 @@ type Handler = (
 export class Messenger {
 static forDOMCommunication(window: Window) {
+ const windowOrigin = window.location.origin;
+
 return new Messenger({
- postMessage: window.postMessage.bind(window),
+ postMessage: (message) => window.postMessage(message, windowOrigin),
 messages$: new Observable((subscriber) => {
 const eventListener = (event: MessageEvent) => {
+ if (event.origin !== windowOrigin) {
+ return;
+ }
+
 subscriber.next(event.data);
 };
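Review bot: The new guard in `eventListener` compares only `event.origin`, so a message posted by any other same-origin context that holds a reference to this window (another frame, an opener) still reaches `subscriber.next`. Since this messenger both posts to and listens on the same `window`, the guard can pin the sender as well: `if (event.origin !== windowOrigin || event.source !== window) { return; }`. Separately, `window.location.origin` is the string `"null"` for opaque origins (sandboxed frames, `data:` documents); there every opaque sender also reports `"null"`, and `postMessage(message, "null")` is rejected as an invalid target origin, so the behaviour in that case should be decided explicitly, for example by not creating the messenger at all. The `Observable` body continues past the end of the hunk, so whether the listener is torn down on unsubscribe is not visible here.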