Form grabbing

Form grabbing is a form of malware that works by retrieving authorization and log-in credentials from a web data form before it is passed over the Internet to a secure server. This allows the malware to avoid HTTPS encryption. This method is more effective than keylogger software because it will acquire the user’s credentials even if they are input using virtual keyboard, auto-fill, or copy and paste.^[1] It can then sort the information based on its variable names, such as email, account name, and password. Additionally, the form grabber will log the URL and title of the website the data was gathered from.^[2]

^ "Capturing Online Passwords and Antivirus." Web log post. Business Information Technology Services, 24 July 2013.
^ Graham, James, Richard Howard, and Ryan Olson. Cyber Security Essentials. Auerbach Publications, 2011. Print.

[BITS-1] "Capturing Online Passwords and Antivirus." Web log post. Business Information Technology Services, 24 July 2013.

[Cyber_Security_Essentials-2] Graham, James, Richard Howard, and Ryan Olson. Cyber Security Essentials. Auerbach Publications, 2011. Print.

[1]

[2]