What is a Man-in-the-Middle Attack?


Gemma Davison
Updated 28 June 2021

United States Scam & Fraud Statistics 2020


$3.3 billion total fraud losses
4.7 million fraud reports

1.4 million reports of identity theft

Source: 2019-20 Consumer Sentinel Report

Sections on this page
  1. How a Man-in-the-Middle (MitM) Attack Works
  2. Signs of a Man-in-the-Middle Attack
  3. How Do You Protect Yourself from MitM Attacks?

When you’re online, it’s normal to expect your communication with websites and apps to be confidential. For example, when you log in to any of your online accounts, you assume that third parties can’t see, intercept, or change your password as it is sent. 

By exploiting this assumption, a cybercriminal can insert themselves into the online communication process, stealing or altering your sensitive information without your knowledge. This is a man-in-the-middle (MitM) attack, and it can leave you vulnerable to fraud, identity theft, malware, and other cyber threats.

MitM Attack: The Basic Process

  1. Scammer eavesdrops on your online communication.
  2. Scammer intercepts your message, e.g., login credentials.
  3. Scammer alters the message or steals the information.

There’s no need to worry just yet. You can prevent MitM attacks by recognizing the signs and protecting yourself online with good cybersecurity practices.

How a Man-in-the-Middle (MitM) Attack Works

A MitM attack is a type of cyber attack in which a scammer positions themselves between you and another person or an application. The scammer will either eavesdrop on the exchange or impersonate one party, making it seem as if the communication is entirely normal.

How Does a MitM Attack Work? Example 1

  1. You receive a legitimate-looking email from your bank.
  2. You’re asked to confirm your contact details by clicking a link within the email.
  3. You’re directed to a website that appears to be your bank’s website.
  4. You enter your login details.
  5. You’ve just handed over your banking credentials to a scammer.

The ultimate goal of a MitM attack is to steal personal information, such as:

  • Account details
  • Login credentials and credit card numbers

This can be done directly via eavesdropping or by sending malware to your device, which sends your sensitive information back to the scammer.

The stolen information can be used for several illicit purposes, including:

  • Identity theft
  • Credit card fraud
  • Unapproved transfer of funds
  • Hijacking your accounts for criminal activity 

Common targets of MitM attacks include financial applications, e-commerce sites, social media, and online instant messaging services.

How Does a MitM Attack Work? Example 2

  1. A scammer installs a program that looks for insecure internet communications.
  2. When you log in through the insecure connection, the scammer steals your credentials and redirects you to a fake site that looks genuine.
  3. The scammer gathers your information through the illegitimate site to use on the real one.

Signs of a Man-in-the-Middle Attack

MitM attacks are often difficult to spot, but there are some signs to look out for that may suggest that someone is spying on your internet activity, including:

  • Unexpected or repeated disconnections when you’re browsing the internet
  • Strange or unfamiliar web addresses in your browser address bar
  • Automatically being redirected to a different webpage

If you notice any of these, or other potentially suspicious things going on with your internet connection or devices, you should:

  • Check if your WiFi connection is secure
  • Log out of all accounts
  • Run a virus scan to make sure no malicious software has been installed on your device
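
The address-bar signs above (unfamiliar web addresses, unexpected redirects, loss of HTTPS) can also be checked mechanically against a recorded list of the URLs a browser passed through. The sketch below is an added example, not part of the original article; the function names, finding codes and the sample chain (which uses the reserved .test and .example domains) are constructed for illustration.

```python
from urllib.parse import urlsplit

def site_of(host):
    # Assumption: the last two labels identify the site. Production code
    # should consult the Public Suffix List (needed for e.g. ".co.uk").
    return ".".join(host.split(".")[-2:])

def audit_redirects(chain, expected_site):
    """Flag suspicious hops in a recorded redirect chain (list of URLs)."""
    findings = []
    prev_scheme = None
    for url in chain:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        if parts.scheme != "https":
            # Dropping from HTTPS to HTTP mid-chain is reported separately
            # from a hop that simply never used HTTPS.
            code = "https-downgrade" if prev_scheme == "https" else "no-https"
            findings.append((url, code))
        if site_of(host) != expected_site:
            findings.append((url, "off-site"))
            # The expected name appearing inside another site's hostname
            # is a common way to make a foreign address look familiar.
            if expected_site in host:
                findings.append((url, "embedded-brand"))
        # Punycode labels can render as lookalike characters in the address bar.
        if any(label.startswith("xn--") for label in host.split(".")):
            findings.append((url, "punycode"))
        prev_scheme = parts.scheme
    return findings

# Constructed sample: a login that loses HTTPS and then leaves the bank's site.
SAMPLE_CHAIN = [
    "https://www.examplebank.test/login",
    "http://www.examplebank.test/login?next=/account",
    "http://examplebank.test.secure-login.example/account",
]

if __name__ == "__main__":
    for url, code in audit_redirects(SAMPLE_CHAIN, "examplebank.test"):
        print(f"{code:16} {url}")
```

A clean chain returns an empty list; any finding is a reason to stop and follow the steps listed above before entering credentials.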

How Do You Protect Yourself from MitM Attacks?

One of the most common (and simplest) ways scammers carry out MitM attacks is by setting up a free, malicious WiFi hotspot that anyone can use. These hotspots aren’t password-protected, but as soon as you connect to one, the scammer can see everything you do online, including when you log in to accounts and share personal information.

Tips for Staying Safe from MitM Attacks on Public WiFi

  • Avoid public WiFi networks that aren’t password protected.
  • Use a virtual private network (VPN) when using public WiFi. Your internet activity will be encrypted, preventing scammers from stealing your info.
  • Never carry out financial transactions on public WiFi.
  • Change the settings on your devices, so they don’t automatically connect to WiFi.

Additional ways to protect yourself from MitM attacks include:

  • Using two-factor authentication (2FA) wherever possible. This means that your login credentials will not be enough for a scammer to steal your information.
  • Only connect to secure websites with HTTPS or the padlock icon at the beginning of the web address.
  • Update your software as soon as new versions are available.
  • Use a browser security extension, such as Privacy Badger or Click & Clean.
  • Install antivirus software on your devices.
  • Keep your passwords safe with a password manager, and always use unique and complex passwords for each of your accounts.
