A-Z Glossary of Information Security and Social Engineering Terms

Form Grabbing

Form Grabbing

Malware that works by capturing data in a web form before the form is submitted. It is considered more effective than keylogging software, as it captures data even when a virtual keyboard, autofill or copy and paste is used. HTTPS-enabled websites are not immune from this attack vector either, as the data is captured before it gets encrypted. The infamous Zeus and TinyBanker trojans extensively used form grabbing as a mechanism for stealing credentials for online banking. Form grabbing can be mitigated by using anti-virus, an updated browser and eschewing the installation of browser plug-ins.

Got a question?

If you would like to make an enquiry about any of our services click the "Contact Us Now" button and fill in your details.