40 chapTer 2 Malware Attacks · · Limit your time and activity on sites. Log in to your accounts, get done what you need to, and then disconnect. Once again, these are common sense items we should all follow. However, most of us have our Facebook, Twitter, MySpace, and bank account sites up all at the same time. Oh yeah, let's not forget that we opened another window to do some browsing. This is nothing more than a recipe for disaster. EPIC fAIL there was a friend, whose name we won't mention, that fell victim to a CSRF attack. this friend had implemented every security precaution you could think of, dual forms of antivirus and spyware protection, as well as desktop firewall with some host-based intrusion prevention options. However, this friend managed to lose $1,000.00. this friend was paying his bills through his online bank account when he received an e-mail from a friend telling him to check this site about a place they were going to visit. Little did either of them know that this site had a CSRF attack placed on it. When my friend visited the site, the attack proceeded and the money ended up being sent as a payment from his account to a company overseas for "services rendered." He was able to get his money back by calling the fraud department and explaining what had happened. However, it took a while and was a