Book Image

JavaScript Security

By : Eugene Liang
Book Image

JavaScript Security

By: Eugene Liang

Overview of this book

Table of Contents (13 chapters)

What is JavaScript phishing?


Simply put, phishing is an attempt to acquire sensitive information, such as usernames, passwords, and credit card details, by masquerading as a trustworthy entity in electronic communication.

There are many ways of carrying out phishing: via cross-site scripting and cross-site request forgery, which we have seen in the previous chapters, such as in Chapter 3, Cross-site Scripting and Chapter 4, Cross-site Request Forgery. It does not necessarily take place on your web browser only; it can also start from your e-mail (e-mail spoofing) or even via instant messaging.

Phishing works as a result of mischief (sometimes) and deception; in this final chapter, we will learn about the various ways in which JavaScript phishing works and learn the basics of defending against them.