Much of our commerce now occurs in the form of ecommerce, through computer users who access services over the Internet and the World Wide Web. Because this commerce involves money, it draws unsavory characters to its periphery—in the form of fraudsters. The aim of these people is to intercept or otherwise interfere with the activities of legitimate commerce so as to identify confidential information like account numbers, passwords, user IDs, and the like, as a mechanism toward stealing money from such users or from the organizations that provide services to such users. For example, through a technique known as a “Man in the Browser” attack, malware may be loaded on a client computer and may attempt to intercept information such as account numbers and passwords when a user interacts with a banking site, or passwords and credit card information when the user interacts with an on-line retail store.
Various approaches have been taken to identify and prevent such malicious activity. For example, some approaches install defensive software on client computers, while others install certain types of security software on receiving computer server systems (e.g., firewalls for a corporation).