Trusteer Rapport is an added layer of security against malware that your anti-virus software may not detect. Trusteer Rapport protects against:
A phishing attack is when the attacker builds a phony website (the phishing site) that looks exactly like a website you know and trust (for example your bank's website). The attacker then lures you to visit the phishing website (for example, by sending you a fraudulent email). When you arrive at the phishing website you mistakenly believe that this is the real website. As soon as you try to sign into the phishing website, the attacker grabs your login credentials and can use them to login to the real website, impersonate you and initiate fraudulent transactions.
A pharming attack is when the attacker causes your computer to go to the fraudulent website each time you type a real website's name in your web browser address bar. The attack accomplishes this using various techniques such as infecting your desktop with malware or by compromising servers in your ISP's network. Once you arrive at the fraudulent website and try to sign in, the attacker grabs your login credentials and can now use them to log in to the real website, impersonate you and initiate fraudulent transactions.
A keylogger is a malicious software that hides itself inside your computer. The keylogger records keystrokes (i.e. each time you type something on the keyboard) and then sends this information to the attacker. By grabbing your sign-in credentials and other sensitive information and sending them to an attacker, keyloggers enable an attacker to login to your accounts, impersonate you and initiate fraudulent transactions.
Man-in-the-middle is an advanced variation of Phishing and Pharming attacks. In this particular attack you sign into the website and start working entirely unaware that all the information exchanged between you and the website is being passed on to the attacker. The attacker can view any private information and can alter your transactions. For example, if you request to transfer a certain amount of money to a specific payee, the attacker can change the payee's identity and have the money transferred to a different account.
Man-in-the-browser is malware that resides inside your browser in the form of an add-on (e.g. toolbar, BHO, browser plug-in). This malware controls everything that happens inside your browser. It is capable of reading sensitive information such as your sign-in credentials and passing them to the attacker. It can also generate transactions on your behalf, such as transferring money from your account to the attacker's account.
Screen capturing refers to malware that takes pictures of your computer screen and sends them to the attacker. Screen shots can include your account details, balance, and even credentials when the website uses keypads for login.
Session hijacking refers to malware that steals your session parameters with a specific website and sends this information to the attacker. These session parameters can then be used by the attacker to take over your session with the website and to bypass the authentication process that is required to log into the website.