What is CSRF?


Cross-site request forgery (CSRF) is one of the more creative web attacks, and it affects both individuals and businesses.

Say you log into the website of the bank where you keep your small business checking account. On login, the site sets a cookie in your browser containing a session or authentication token, and from then on your browser automatically attaches that cookie to every request it sends to the bank's domain; the site treats each of those requests as yours because the cookie shows you are logged in. Now, while your session is still valid (you have not logged out, and sessions commonly stay valid for hours or days, so this is the usual case rather than a rare one), you visit a third-party website or click on a spam link. That page makes your browser send a request to your bank's website without your knowledge. Your browser dutifully attaches the authentication cookie, so the bank receives what looks like a request made by you.

If you visit a chat forum that accepts user-supplied markup, or a carefully designed malicious website, an HTML image element (an <img> tag) whose src attribute points at a state-changing URL on the bank's site is enough to trigger the unwanted action: the browser fetches the "image", attaches your cookie, and the bank processes the fetch as a real request from you.

The attack leaves little evidence: the forged request carries everything a genuine one would, including your valid session cookie, and it comes from your browser and your IP address, so in the bank's logs it is indistinguishable from your own activity. The classic example is transferring money from your account to the attacker's, but CSRF can just as well target the content management system behind your website to add or delete content. The attack is most effective when you or your website's users stay logged in for long periods, because the forged request only works while the session cookie is still valid.

