Definition

form grabber

TechTarget Contributor

By

TechTarget Contributor

A form grabber is a type of malware that captures data such as IDs and passwords from browser forms.

The target of a form grabber is the user’s Internet banking information. Form grabbers typically gain access as a Trojan horse. Once running on a host machine, a form grabber detects Internet banking login information as it is being entered into a form, along with other identifying information that will help the software masquerade as a customer.

The form grabber often stores the stolen information for easy access and also sends it back to a parent server, where it may be added to a database. The information may be used immediately for banking fraud or sold to other parties.

A form grabber may be a component of a more complex piece of malware such as Hand of Thief. Internet banking crimeware is one of the largest and fastest-growing types of malware threats. Such malware affects most common operating systems (OS) and Web browsers.

This was last updated in September 2013

Continue Reading About form grabber

Stealing information and exploitation: Form grabbing

Malware, the ever-evolving threat

SearchCompliance

ISO 31000 Risk Management
The ISO 31000 Risk Management framework is an international standard that provides businesses with guidelines and principles for ...
pure risk
Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.
risk reporting
Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

SearchSecurity

one-time pad
In cryptography, a one-time pad is a system in which a randomly generated private key is used only once to encrypt a message that...
What is cyber hygiene and why is it important?
Cyber hygiene, or cybersecurity hygiene, is a set of practices individuals and organizations perform regularly to maintain the ...
Pretty Good Privacy (PGP)
Pretty Good Privacy or PGP was a popular program used to encrypt and decrypt email over the internet, as well as authenticate ...

SearchHealthIT

protected health information (PHI) or personal health information
Protected health information (PHI), also referred to as personal health information, is the demographic information, medical ...
digital health (digital healthcare)
Digital health, or digital healthcare, is a broad, multidisciplinary concept that includes concepts from an intersection between ...
HIPAA (Health Insurance Portability and Accountability Act)
HIPAA (Health Insurance Portability and Accountability Act) is United States legislation that provides data privacy and security ...

SearchDisasterRecovery

What is risk mitigation?
Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.
fault-tolerant
Fault-tolerant technology is a capability of a computer system, electronic system or network to deliver uninterrupted service, ...
synchronous replication
Synchronous replication is the process of copying data over a storage area network, local area network or wide area network so ...

SearchStorage

information lifecycle management (ILM)
Information lifecycle management (ILM) is a comprehensive approach to managing an organization's data and associated metadata, ...
WORM (write once, read many)
In computer media, write once, read many, or WORM, is a data storage technology that allows data to be written to a storage ...
direct access
In computer storage, direct access is the process of reading and writing data on a storage device by going directly to where the ...

Close