'Man in the Browser' and Other Cybercriminals Target the Unaware
InvestmentNews, By Joyce Hanson
As the Securities and Exchange Commission increases its scrutiny of cybersecurity at advisory firms, experts are warning of growing threats from scammers who are exploiting both software and human weaknesses to attack adviser practices and client accounts.
One new online scam, known as “the man in the browser,” gives hackers a direct connection from an infected victim's machine into a target organization. Attackers get into users' machines while they browse the web, and then set to work installing malware, according to Roel Schouwenberg, principal researcher at IT security vendor Kaspersky Lab. By exploiting weaknesses, hackers can take advantage of errors in programming, he said. Read more.