What Is a CSRF Attack and How to Prevent it? A Cross-Site Request Forgery (CSRF) is an attack that tricks a website to execute unwanted actions. It’s similar to phishing, but rather than sending emails or other messages, CSRF attacks trick users into clicking on the attacker's links. These links are embedded in malicious pages that are disguised as legitimate sites. A CSRF attack usually only executes the first time the victim visits the site. To prevent this type of attack, you can set up token-based authentication or use other mechanisms to ensure...