Defeating Man-in-the-Browser: How to Prevent the Latest Malware Attacks against Consumer & Corporate Banking
While many safeguards are deployed within financial institutions, criminals are evolving their techniques rapidly. Instead of phishing attacks that lead to fake Web sites designed to harvest usernames and passwords, the techniques are now more sophisticated and effective against previously deployed defenses. Phishing and spear-phishing attacks1 are now designed to deploy malware, which takes over users' browsers and executes malicious transactions. The malware is crafted to avoid detection by antivirus tools. The result is known as a "man-in-the-browser" attack.
This whitepaper will:
- Explain the mechanics of a man-in-the-browser attack
- Review the various counter-measure possibilities
- Compare their effectiveness