So-called Man in the Browser scam is a common attack by hackers, which relies on people clicking on a link that will take them to a phony Web site. There, malware waits to scoop up any personal information that is entered.
(Graphic from Shutterstock)
This is no creation of a prankster. According to Klein, the sophistication of its creators is revealed by the fact that there’s a Web portal ready to sell the data that the malware has harvested. What apparently makes this malware cunning is that it can forward data in real-time to scammers; the MitB attack captured data that needed to be filtered.
According to Trusteer, the malware at the moment isn’t on many Web sites. If so, they only have a short period of time to mount a defence.