Scams such as “Session Riding”, “Cross-Site Referral Forgery” or “One-Click Attack”, can succeed in getting your browser to authorize withdrawals from your bank account. For example, you are part of a forum and in sharing information back and forth with others; you unwillingly insert a piece of your private, personal information. Someone in the forum, perhaps the person who is asking personal questions, can and will harvest your personal information from your forum entries and in time get to your accounts. For more information about Blue Coat click on the active link.
Cross-Site referral forgery
The following characteristics are common to CSRF, which is a process or method used by scammers to gather your personal information you may think is safe. The scammer watches for information, which tells him/her those sites, which rely on your identity. They will then be able to exploit the site’s trust in the identification of you or someone else they choose. By using HTTP, the scammer can trick your browser into sending an HTTP request to your Bank or another site, which holds your identity in a cookie in your browser.
The side effects of this action by a scammer can be you suddenly discover a sum of money withdrawn from your bank account, which you did not withdraw. In reality, the scammer used the information you gave in the forum or elsewhere to trick your browser and your bank, and you are the victim.
Personal information privacy
It cannot be said loud enough for everyone to hear and respond to the statement: Do not give anyone on the Internet any private, personal or financial information unless the site is a secure site with which you are doing business. A secure site always has https at the beginning of the domain name URL. If you are uncertain or feel uncomfortable about the site, then skip the transaction.
The one-click transaction relates to tracking cookies dropped into your computer without your knowledge. For instance, you go to an E-Commerce website and decide to order something and use your credit card for the purchase. You complete the form and when you are finished you click [Done], when you do this, the Scammer’s cookie also clicks [Done] and your order becomes a double order. Who benefits from this? Yes, the person from whom you made the purchase. This is malware and legislators are designing laws to fight this.