A man-in-the-middle (MITM) attack is a cybersecurity breach in which a perpetrator illegally joins a conversation between two users, or between a user and an application, with the purpose of eavesdropping, stealing data, or impersonating one of the parties involved in the communication. The attack usually targets the users of financial applications and websites or services where login credentials are required.
There are many different types of man-in-the-middle attacks, with the most common being DNS spoofing, IP spoofing, WiFi eavesdropping, HTTPS spoofing, SSL hijacking, email hijacking, session hijacking, and man-in-the-browser attacks.
A MITM attack takes place in two distinct phases – interception and decryption. In the first phase, the attacker intercepts information before it reaches its intended destination. This can be done through various forms of spoofing. In the second phase, the attacker decrypts the information without raising any suspicion.
Users can block MITM attacks with the following techniques: