Man In The Browser attack and OTP (Banking Institutions)

The view of security experts and financial services professionals considers the Man in the browser as the greatest threat to online banking, cybercrime increases its use.

Man in the Browser attack, DDoS attacks, phishing, are more important and insidious cyber threats against banking institutions. Latest statistics proposed by leading security companies confirm that online banking is considered a lucrative business for cybercrime.
In contrast, the response of the banking world was improving authentication processes, a classic example is represented by the rapid diffusion for multi-factor authentication, such as OTPs.
Classic for the “Man in the Middle” attack the attacker scheme is between the client and server banking victim, it is clear that the introduction of encrypting traffic could make the technique ineffective.
In the financial services sector in a survey Man In The Browser considered to be the greatest threat to online banking, malware, such as Zeus, Carberp, Sinowal and Clampi have capabilities MITB.

Security: the most effective preventive measure is considered out transaction verification band containing the transaction details along with OTP and the side of the bank to adopt a fraud detection based on the behavior of user profiles.

View full post on Who Got Hacked – Latest Hacking News and Security Updates