What is the term for malicious site activity that exploits user authentication?

Study for the CertiPort Software Development Exam. Tackle multiple choice questions and detailed explanations. Prepare thoroughly for your certification!

The term for malicious site activity that exploits user authentication is CSRF, which stands for Cross-Site Request Forgery. This type of attack occurs when a malicious website tricks a user's browser into making an unwanted request to a web application for which the user is authenticated.

In a CSRF attack, the attacker takes advantage of the fact that browsers automatically include authentication credentials (like session cookies) with requests sent to the target site. For instance, if a user is logged into their banking application and then visits a malicious site, the attacker could craft a request that transfers money from the user's account without their knowledge. Because the browser includes the session cookies from the banking application, the server processes the request as if it were legitimate.

Understanding how CSRF exploits user authentication shows why anti-CSRF measures matter. A common one is a token that must be included in every state-changing request, which lets the server confirm that the request really comes from the authenticated user and not from a third-party malicious source.
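The token check described above can be sketched as follows. This is an added example, not code from the exam material; the function names, the `session_id` cookie name, the `csrf_token` field name and the sample requests are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Server-side secret (constructed for this example; load it from a secret store in practice).
SERVER_KEY = secrets.token_bytes(32)
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def issue_csrf_token(session_id: str) -> str:
    """Derive a token bound to one session; the server embeds it in forms it serves."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def is_request_allowed(method: str, cookies: dict, form: dict) -> bool:
    """Accept a request only if it is read-only or carries the session's token."""
    session_id = cookies.get("session_id")
    if session_id is None:
        return False  # no session cookie: not authenticated at all
    if method.upper() not in STATE_CHANGING:
        return True  # safe methods must not change state, so no token is required
    supplied = str(form.get("csrf_token", ""))
    expected = issue_csrf_token(session_id)
    # Constant-time comparison on bytes avoids leaking the token through timing.
    return hmac.compare_digest(supplied.encode(), expected.encode())


# Constructed sample requests (hypothetical values).
SESSION = {"session_id": "s-4f2a9c"}
# Form served by the real site: it carries the token issued for this session.
legit = {"to": "alice", "amount": "25",
         "csrf_token": issue_csrf_token(SESSION["session_id"])}
# Request triggered from another site: the browser attached the cookie,
# but the other site cannot read the token, so the field is missing.
cross_site = {"to": "other", "amount": "5000"}

if __name__ == "__main__":
    print("same-site form :", is_request_allowed("POST", SESSION, legit))
    print("cross-site form:", is_request_allowed("POST", SESSION, cross_site))
    print("read-only GET  :", is_request_allowed("GET", SESSION, {}))
```

The session cookie alone is never sufficient for a state-changing request here, which is the property the token is meant to provide.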

The other attacks mentioned here, XSS (Cross-Site Scripting) and SQL Injection, are different kinds of exploit: XSS manipulates website content to run scripts in the user's browser, while SQL Injection directly manipulates database queries. Phishing is more related to tricking users
