Phishing: Difference between revisions
| Line 12: | Line 12: | ||
===Session Hijackers=== | ===Session Hijackers=== | ||
These attacks can take place either from the malware that is installed on the victim’s computer or remotely. The attacks are triggered when users is trying to log into they account (usually bank accounts) or when they initiate a transaction. The malware then hijack the session for malicious purposes. | |||
===Content-Injection Phishing=== | ===Content-Injection Phishing=== | ||
===“Universal” Man-in-the-middle phishing kit=== | ===“Universal” Man-in-the-middle phishing kit=== | ||
Revision as of 12:00, 31 July 2008
Study Guide
Background
Phishing Attacks
Keyloggers
These are spywares that can get installed either into a web browser or as a device driver. They record the user’s input to the computer by recording the keyboard keystrokes or mouse click. This information will be then sent to the spyware owner. These spywares can cause severe data leak.
Torpig-family Trojan
These Trojans are using advanced technologies that help them to spread very fast and hide very well. They are designed to hijack sessions. These Trojans are constantly monitoring major banks’ websites throughout the world. They display a fake page when a user tries to log in to these websites, and in this way continue to steal the private information of their victims.
Session Hijackers
These attacks can take place either from the malware that is installed on the victim’s computer or remotely. The attacks are triggered when users is trying to log into they account (usually bank accounts) or when they initiate a transaction. The malware then hijack the session for malicious purposes.