Man in the MiddleCyber Attack
What is a “Man in the Middle” Attack?
What is a “Man in the Middle” attack?
By impersonating the endpoints in an online information exchange (i.e. the connection from your smartphone to a website), the MITM can obtain information from the end user and the entity he or she is communicating with.
For example, if you are banking online, the man in the middle would communicate with you by impersonating your bank, and communicate with the bank by impersonating you. The man in the middle would then receive all of the information transferred between both parties, which could include sensitive data, such as bank accounts and personal information.
How does it work?
Normally, a MITM gains access through a non-encrypted wireless access point (i.e. one that doesn’t use WAP, WPA, WPA2 or other security measures). They would then have access to all of the information being transferred between both parties.
How can I prevent it?
The best way to prevent them is to only use encrypted wireless access points that use WPA security or greater. If you need to connect to a website, make sure it uses an HTTPS connection or, for better security, consider investing in a virtual private network (VPN). HTTPS uses certificates that verify the identity of the servers you’re connecting to using a third-party company such as VeriSign, while VPNs allow you to connect to websites through virtual private networks.