What is Man in the middle attack - MITM, Example and How to prevent MITM

A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application—either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is underway.

The goal of an attack is to steal personal information, such as login credentials, account details and credit card numbers. Targets are typically the users of financial applications, SaaS businesses, e-commerce sites and other websites where logging in is required.

Information obtained during an attack could be used for many purposes, including identity theft, unapproved fund transfers or an illicit password change.

Additionally, it can be used to gain a foothold inside a secured perimeter during the infiltration stage of an advanced persistent threat (APT) assault.

Broadly speaking, a MITM attack is the equivalent of a mailman opening your bank statement, writing down your account details and then resealing the envelope and delivering it to your door.

Man in the Middle (MITM) Example

Suppose you are connected on a public Wi-Fi and try to login in your Bank or other account.The attacker is sitting in the middle of connection between you and bank servers.

Now when you enter your login Creditonal, the request with data is firstly sent to the attacker then to the server. Here attacker got your Login Details.Now as the request to server is made by Attacker's computer, server serve the requested details like account information, money deposit and withdrawal etc options to attacker and they extract all the money.In this way MITM works.

Prevention of MITM

• Use Virtual Private Network [VPN]
• Secure your network with an intrusion detection system like Antivirus systems
• Secure Your Communications by using https on visiting any website
• Avoid using public WiFi Network

Hope you like the post, so please share with your friends also to protect them.

Thank you