The majority of financial service professionals considers Man In The Browser as the greatest threat to online banking, cybercrime increases its use. The most efficient countermeasure is considered out of Band transaction verification containing transaction details along with OTP and on bank side the adoption of a Fraud detection based on User behavior profiling. Security experts find that most Internet users (73%) cannot distinguish between real and fake pop up warning messages, neither have the possibility to distinguish malware crafted content. The Man-in-the-browser attack is based on the presence on the victim machine of a proxy malware that infects the users browser exploiting its vulnerabilities.”]
Source: http://securityaffairs.co/wordpress/17538/cyber-crime/man-browser-attacks-scare-banking.html