A Man-in-the-Browser attack, also called a "Proxy Trojan" is a sophisticated attack that infects a user's web browser and allows an attacker to:
One way to prevent Man-in-the-Browser attacks is to use out-of-band transaction verification. This means that transactions must be additionally verified through some means other than the user's Internet banking session (e.g. by fax or by phone). Another method of prevention is through the use of special USB devices, such as IronKey, that increase browser session security.