Terminology and Descriptions
of Internet Security Vulnerabilities
HTTPS is the current standard – what is HTTPS?
5 common Cyber Attacks against banking websites
- DDoS: Massive traffic shuts down a website
- Spoofing: Faking a legitimate website
- Phishing: Sending someone to a fake website
- Man In the Browser (MIB) & Man In the Machine (MIMa): Toolbars, viruses, or programs that monitor computer and browser activity
- Man in the Middle: Communication is intercepted
Multiple methods can be combined in a single attack. Trusteer’s research group has found that 30% of attacks against websites that use two-factor authentication are now utilizing real-time man-in-the-middle techniques to bypass this trusted security mechanism. These findings are based on monitoring of thousands of Phishing attacks.
“When you rob a bank, you have to actually be there on the premises, but if you’re hacking a web application you can work from overseas where there’s very little extradition law and be relatively safe.” at 3:45-3:55 in Dr. Suzan Loveland’s video.