A Man-in-the-Middle: The Assaulter

Cyber attacks appear in various forms, a Man-In-The-Middle is one of them. It is abbreviated as MITM, MIM, MitM, and MiM.

In a normal conversation, a server is directly linked to the client while when a man in the middle comes, it breaks the direct link of server and client and passes the false information to the client and server in order to hack his account or commit any sort of cybercrime.

For instance, we often come across situations like receiving an e-mail from a bank that ask your personal information including account no. and all. However, that e-mail is actually not directly from the bank, it is the person who acts as a man in the middle with a motive of fetching your personal details. This is the example of a man-in-the-browser attack; where the criminal becomes successful in finding and inserting the malicious software into the victim’s device whether computer or mobile.

There are a total of 7 types of MITM attacks:-

1. IP spoofing– Every internet connected device has an IP (internet protocol) address which is sufficient for a criminal to commit a crime.
2. E-mail hacking– Here, e-mail is the main target of the attacker which is linked to any bank account or other forms. By hijacking bank email address, criminal becomes eligible to send any information to the customer in the name of the bank which the consumer assumes to be correct and fall prey to cybercrime.
3. Via browser cookies– As, we all know a cookie is a small piece of information that is stored in your device by any website. Now, how it can be helpful for a cybercriminal? To buy something from e-commerce sites, we save our personal information like address and card details in it so that we don’t have to enter them again for further purchasing. And this information is stored in cookies which can be easily hijacked by the assaulter and you can lose your privacy.
4. DNS spoofing– DNS (Domain name server) spoofing is the one where a user might go to the false website; actually driven by the fraudulent; which user believes to be real.
5. SSL hijacking– SSL means secure sockets layer that is used to establish encrypted links between the browser and the web server. The cybercriminal intercepts all the relevant data between server and user’s computer by using a computer and a secure server.
6. HTTPS spoofing– In HTTPS, S stands for ‘secure’. This is the sign that you are on a safe website. However, an attacker can fool the browser by redirecting it to an unsecured website.
7. Wi-Fi spying– The cybercriminal builds a user-friendly Wi-Fi connection which is actually a fraud one. By getting connected to that Wi-Fi, the attacker gets access to all your information.

If you don’t want to be the victim of the above-said attacks, then make it sure not to connect to public Wi-Fi, keep updating your passwords for all your bank accounts, Wi-Fi and so on. Last but not least, install internet security software and keep them up-to-date frequently.