Man In The Middle Attack (MITM) http://phoenix96.home.blog/2021/04/23/man-in-the-middle-attack-mitm/">https://phoenix96.home.blog/2021/04/2...
                        
                                                
                        
                        
                        
                                                
                    
                    
                                    
                    
                    
                                    
                    
                        
                        
                        IP spoofing
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Every device capable of connecting to the internet has an internet protocol (IP) address, which is similar to the street address for your home.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        By spoofing an IP address, an attacker can trick you into thinking you’re interacting with a website or someone you’re not, perhaps giving the attacker access to information you’d otherwise not share.
DNS spoofing
                    
                                    
                    DNS spoofing
                        
                        
                        Domain Name Server, or DNS spoofing is a technique that forces a user to a fake website rather than the real one the user intends to visit.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        If you are a victim of DNS spoofing, you may think you’re visiting a safe, trusted website when you’re actually interacting with a fraudster. The perpetrator’s goal is to divert traffic from the real site or capture user login credentials.
HTTPS spoofing
                    
                                    
                    HTTPS spoofing
                        
                        
                        When doing business on the internet, seeing “HTTPS” in the URL, rather than “HTTP” is a sign that the website is secure and can be trusted. In fact, the “S” stands for “secure.” An attacker can fool your browser into believing it’s visiting a trusted website when it’s not.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        By redirecting your browser to an un-secure website, the attacker can monitor your interactions with that website and possibly steal personal information you are sharing.
SSL hijacking
                    
                                    
                    SSL hijacking
                        
                        
                        When your device connects to an un-secure server — indicated by “HTTP” — the server can often automatically redirect you to the secure version of the server, indicated by “HTTPS.” A connection to a secure server means standard security protocols are in place, protecting the…
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        …data you share with that server. SSL stands for Secure Sockets Layer, a protocol that establishes encrypted links between your browser and the web server.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        In an SSL hijacking, the attacker uses another computer and secure server and intercepts all the information passing between the server and the user’s computer.
Email hijacking
                    
                                    
                    Email hijacking
                        
                        
                        Cybercriminals sometimes target email accounts of banks and other financial institutions. Once they gain access, they can monitor transactions between the institution and its customers.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        The attackers can then spoof the bank’s email address and send their own instructions to customers. This convinces the customer to follow the attackers’ instructions rather than the bank’s. As a result, an unwitting customer may end up putting money in the attackers’ hands.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Wi-Fi eavesdropping
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Cybercriminals can set up Wi-Fi connections with very legitimate sounding names, similar to a nearby business.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Once a user connects to the fraudster’s Wi-Fi, the attacker will be able to monitor the user’s online activity and be able to intercept login credentials, payment card information, and more. This is just one of several risks associated with using public Wi-Fi.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        You can learn more about such risks here.
Stealing browser cookies
                    
                                    
                    Stealing browser cookies
                        
                        
                        To understand the risk of stolen browser cookies, you need to understand what one is. A browser cookie is a small piece of information a website stores on your computer.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        For example, an online retailer might store the personal information you enter and shopping cart items you’ve selected on a cookie so you don’t have to re-enter that information when you return.
A cybercriminal can hijack these browser cookies.
                    
                                    
                    A cybercriminal can hijack these browser cookies.
                        
                        
                        Since cookies store information from your browsing session, attackers can gain access to your passwords, address, and other sensitive information.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        This thread can be read here: http://phoenix96.home.blog/2021/04/23/man-in-the-middle-attack-mitm/">https://phoenix96.home.blog/2021/04/2...
                        
                                                
                        
                        
                        
                                                
                    
                    
                
                 
                         Read on Twitter
Read on Twitter 
                             
                                     
                                    