So-called Man in the Browser scam is a common attack by hackers, which relies on people clicking on a link that will take them to a phony Web site. There, malware waits to scoop up any personal information that is entered.
This is no creation of a prankster. According to Klein, the sophistication of its creators is revealed by the fact that there’s a Web portal ready to sell the data that the malware has harvested. What apparently makes this malware cunning is that it can forward data in real-time to scammers; the MitB attack captured data that needed to be filtered.
According to Trusteer, the malware at the moment isn’t on many Web sites. If so, they only have a short period of time to mount a defence.
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com
ITWorldcanada.com is the leading Canadian online resource for IT professionals working in medium to large enterprises. IT World Canada creates daily news content, produces a daily newsletter and features IT professionals who blog on topics of industry interest.