CSRF

(Cross-Site Request Forgery) An online forgery that requires knowledge of which Internet-based institutions a person deals with. It is used to steal money or obtain valuable data such as credit card numbers. Also called an "XSRF," "sea surf" and "confused deputy attack," the CSRF is embedded in a fake link or bogus script on a Web page. In either case, the browser executes a malicious transaction such as a wire transfer to the cybercrook's bank.

The CSRF exploit only works if the user is already logged onto the institution's Web site that is being targeted or has recently logged on, in which case a stored cookie used for authentication may still be active. See XSS.

Download Computer Desktop Encyclopedia to your iPhone/iTouch

Search unanswered questions...

Browse: Unanswered questions | Most-recent questions | Reference library

5min Related Video: CSRF

Top

Learn More

	XSRF (technology)
	clickjacking (technology)
	XSS (technology)

Post a question - any question - to the WikiAnswers community:

Copyrights:

Computer Desktop Encyclopedia. THIS DEFINITION IS FOR PERSONAL USE ONLY.
All other reproduction is strictly prohibited without permission from the publisher.
© 1981-2010 The Computer Language Company Inc. All rights reserved. Read

Mentioned in

XSRF (technology)
clickjacking (technology)
XSS (technology)
Cross-site request forgery

International Sites English Deutsch Español Français Italiano Tagalog