Terminology and Descriptions
of Internet Security Vulnerabilities

HTTPS is the current standard – what is HTTPS?



5 common Cyber Attacks against banking websites

    1. DDoS: Massive traffic shuts down a website
    2. Spoofing: Faking a legitimate website
    3. Phishing: Sending someone to a fake website
    4. Man In the Browser (MIB) & Man In the Machine (MIMa): Toolbars, viruses, or programs that monitor computer and browser activity
    5. Man in the Middle: Communication is intercepted
Multiple methods can be combined in a single attack. Trusteer’s research group has found that 30% of attacks against websites that use two-factor authentication are now utilizing real-time man-in-the-middle techniques to bypass this trusted security mechanism. These findings are based on monitoring of thousands of Phishing attacks.

“When you rob a bank, you have to actually be there on the premises, but if you’re hacking a web application you can work from overseas where there’s very little extradition law and be relatively safe.” at 3:45-3:55 in Dr. Suzan Loveland’s video.