Imagine you’re trying to log into your online banking account. Rather than being directed to the page you’ve requested after entering in your User ID and password, an additional field appears and asks you to enter your debit card information, social security number, driver’s license, and other personal information. You check the URL of the website, and it’s verified to be from your bank.
If you entered in your personal information, you’ve likely become a victim of a man-in the-browser attack. And it only gets more problematic from here. In this case your PC, not the bank’s website, has been compromised by malware.
Continue Reading… The Man-In-The-Browser: It Hungers For Your Online Credentials