Inline frames (iFrames) are an easy way to embed content from another site onto your own. This element allows you to insert another document inside an HTML page and can be really useful for embedding interactive applications like Google maps, advertisements and ecommerce applications.
iFrame elements are also popular with website attackers because it allows them to easily load malicious content from their own servers.
Attackers often use this feature to insert malicious content into compromised sites for the purpose of spam redirection, phishing, and distributing malware.
This is a Security Bloggers Network syndicated blog post authored by Denis Sinegubko. Read the original post at: Sucuri Blog