What is a Man in the Browser Attack?
A man in the browser attack is a relatively new application that is capable of stealing login credentials, account numbers and various types of financial information. The attack combines the use of Trojan horses with a unique phishing approach to insinuate a window that overlays the browser on a given computer. The presence of the Trojan horse is transparent to the user, as it does not interfere with the normal use of the browser to visit web sites and engage in transactions on those sites. Man in the browser attacks are designed to capture confidential information that can be utilized to the advantage of the entity that launched the attack. As part of the function, the man in the browser process begins with the establishment of the Trojan on the hard drive. The Trojan embeds in a file and is often hard to isolate. Once in place, the Trojan is in place, the virus launches a transparent overlay on the browser that is highly likely to be detected. Unlike more traditional phishing methods
