Happy New Year.
How to detect and prevent man-in-the-browser attacks like those involved in
"High roller" and "Euro Grabber"?
I'm evaluating Versafe's anti-trojan and anti-phishing technologies and would
appreciate feedback from anyone using their products or something similar.
For the anti-trojan protection Versafe embeds Javascript code on our wensite
that is transparently distributed and executed by every visitor of our site.
This javascript is capable of scanning the browser content for suspicious
activity common to man-in-the-browser attacks.
For the anti-phishing protection Versafe embeds javascript code on our website.
If this code were copied to another website, the javascript would detect this
and send an alert back to us. I'm still sceptical of this because a savvy
attacker could delete this javascript code from the phished site before it
generates the alert.
Is anyone familiar with these technologies? Any suggestions for solutions from
other vendors?
Brian
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
