An advanced new phishing attack tricks users into giving away confidential information after they have logged on to an online banking website.
Most computer users are familiar with email phishing, where they are sent emails with links to fraudulent websites. This new “in-session phishing” attack differs because it creates pop-ups while you're in session with your real online banking account, asking for details such as passwords and account numbers.
Attackers compromise the website, inserting code to create the pop-up. Since the user had just recently logged onto the banking website, they may not suspect that the pop-up is fraudulent
No comments:
Post a Comment