March 15, 2012, 11:59 AM

Driving malicious middlemen out of web browsers

ThreatMetrix launches tools to guard against “man-in-the-middle” web site attacks.

Lead Photo

Online retailers face an ever-evolving challenge of identifying legitimate customers by the devices they’re using to visit a web site while also determining whether those devices have been infected by malware that can steal customer account data, Internet security vendor ThreatMetrix says in a new report, “Cybercrime Battle Basics: Online Account, Transaction and Device Protection.”

Earlier device identification methods relied primarily on software cookies and IP address information to recognize whether a web site visitor was using an Internet access device that had been reported as stolen or compromised, the report says.

But today’s cyberattacks can be far more sophisticated, using such techniques as “man-in-the-middle” attacks that infect web browsers and mobile devices to steal information, ThreatMetrix says. For example, a “man-in-the-browser” or MitB attack may take steps such as injecting additional data fields into a login form, getting an unsuspecting consumer to enter information like a mother’s maiden name and Social Security number. That information might then be used in subsequent attempts at illegal account access.

In a “man-in-the-mobile” attack, malware downloaded through e-mail or other means may trick a consumer into clicking on a web address that downloads software designed to capture a consumer’s passwords and forward them to a cybercriminal.

In still another type of attack, malware known as rootkits are designed to access a computer’s operating system as well as the user’s web browser to detect keystrokes for stealing account data, disabling firewalls and anti-virus software, and turning off Windows security updates.

ThreatMetrix says one new way of addressing these and other types of Internet attacks is by supplementing device identification and anti-malware software with up-to-the-minute updates of fraud reports in transaction data, such as through the company’s Cybercrime Defender Platform.

Among the platform’s features are TrustDefender ID, an Internet-based device identification application that uses shared intelligence from a global network of sites for real-time updates of compromised devices; and TrustDefender Mobile, a software development kit designed to let web site operators validate device identification across hardware, operating systems and downloaded apps.

comments powered by Disqus




From The IR Blog


Cynthia Price / E-Commerce

4 tips for improving email marketing results

Every piece of data you collect can help you serve your audience exactly what they ...


Bart Mroz / E-Commerce

How smaller retailers can utilize data as effectively as Amazon

Smaller companies have more constraints, but once they set priorities can still benefit greatly from ...

Research Guides