Man-In-The-Browser Attacks
A Man-in-the-Browser (MITB) attack is a trojan horse proxy that infects web browsers. It plays the role of a MITM, sniffing and modifying transactions performed in the infected browser while still displaying the user’s legitimate input back to them. Most users assume their transactions are protected by SSL if they’re using a website with HTTPS enabled, but SSL only protects data in transit between the browser and the server, not data inside the browser before it is encrypted.
Better certificate management can prevent infection, but this is very hard to guarantee when a user is banking from their personal computer. Luckily, this attack can also be prevented by implementing multi-factor authentication tokens to protect the bank transaction itself.
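The sketch below is an added example, not code from the original page. It shows one way a token can protect the transaction itself: the code is derived from the payee and amount the user confirms on the token, so a request rewritten inside the browser fails the server's check. The HMAC scheme, function names, key, nonce and account strings are all assumptions constructed for illustration.

```python
import hashlib
import hmac

# Hypothetical per-user secret shared by the bank and the user's hardware token
# (constructed sample value; it never exists inside the browser).
TOKEN_KEY = b"constructed-demo-key-not-a-real-secret"


def canonical(payee: str, amount_cents: int, nonce: str) -> bytes:
    """Length-prefix each field so two different transactions never serialize alike."""
    parts = [payee.encode(), str(amount_cents).encode(), nonce.encode()]
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)


def token_code(key: bytes, payee: str, amount_cents: int, nonce: str) -> str:
    """Runs on the token: the user confirms payee and amount on the token's own
    display, then the token derives a 6-digit code bound to those values."""
    mac = hmac.new(key, canonical(payee, amount_cents, nonce), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 1_000_000:06d}"


def bank_accepts(key: bytes, payee: str, amount_cents: int, nonce: str, code: str) -> bool:
    """Runs on the server: recompute the code over the transaction as received."""
    expected = token_code(key, payee, amount_cents, nonce)
    return hmac.compare_digest(expected, code)


def demo() -> tuple[bool, bool]:
    nonce = "c7f1a9"  # constructed per-transaction challenge issued by the bank
    # The user enters the intended transfer on the token and gets a code.
    code = token_code(TOKEN_KEY, "DE00-ALICE-LANDLORD", 120_000, nonce)
    # Untampered request: the server sees exactly what the user approved.
    honest = bank_accepts(TOKEN_KEY, "DE00-ALICE-LANDLORD", 120_000, nonce, code)
    # Request whose payee and amount were altered in the browser: the code the
    # user typed no longer matches the transaction the server received.
    tampered = bank_accepts(TOKEN_KEY, "XX99-OTHER-ACCOUNT", 950_000, nonce, code)
    return honest, tampered


if __name__ == "__main__":
    print(demo())
```

A one-time code that is not bound to the transaction details would be accepted for the altered request as well, which is why the binding matters here.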