Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) is a type of cyber attack where a malicious website tricks your browser into performing actions on a different, trusted website without your knowledge. For example, if you're logged into your bank, an attacker could craft a hidden request that transfers money from your account. Because your browser uses your existing login credentials, the trusted website believes the request is legitimate. To prevent this, websites often use security measures like tokens or same-site cookies to confirm that requests are intentionally made by the user.