In a previous article we analyzed what exactly they are Man-in-the-middle attacks, how they work, how they are conducted and how we can protect ourselves from them. Let's go see it now 7 most common types of man-in-the-middle attacks:
1. IP spoofing
Any device connected to Internet has one IP address. It corresponds to the address of our home. With the IP spoofing, One hacker deceives users and makes them believe they are communicating with someone website or with someone they know while actually communicating with the attacker. So users can give personal information, as they do not know they are in danger.
2. DNS spoofing
The DNS (Domain Name Server) spoofing is a technique that leads the user to a fake site while the user thinks he is visiting the real one. The victim thinks he visits a safe and reliable site, but actually interacts with a cheat. The purpose of the perpetrator is either to influence the actual site traffic or to steal credentials of the user.
3. HTTPS spoofing
As you probably already know, when you visit a site, you must pay attention to the URL. In order for the site to be secure, the address must start with "HTTPS" and not with "HTTP". In fact, S in the end comes from "secure". However, hackers can "Fool" him browser your and make him believe that he is visiting a legitimate and secure site. By redirecting to fake sites, the intruder can track your interactions with this site and may steal it in person data that you share.
4. SSL hijacking
When your device is connected to an unsecured device server, the server often redirects you to its secure version automatically. When connected to a secure server the data is protected.The SSL represents the Secure Sockets Layer, a protocol it creates encrypted connections between the browser and the web server.
On our SSL hijacking the intruder uses another computer and a secure server and monitors all the information that passes between the server and the user's computer.
5. Email hijacking
Many times, criminals target accounts e-mail banks and other financial institutions. Once they have access to their accounts, the hackers are able to monitor the transactions between her bank and its customers. Intruders can breach the bank's email and send false messages to customers. As a result, a customer may end up sending money to hackers, thinking it's a bank instruction.
6. Fake Wi-Fi
Hackers can create links Wi-Fi, which look legitimate. However, if a user connects to the cheater's Wi-Fi, the attacker will be able to monitor the user's activity online. This will gain access to any information the user enters.
7. Theft of his cookies browser
That's it browser cookie is a small piece of information that saves a site.
For example, an online store can store them personal information that you enter and your shopping cart details so you don't have to enter this information every time you visit the site.
A malicious hacker can violate browser cookies. As cookies store information, attackers can gain access to your passwords as well as other sensitive information.
As you can see, there are many types of man-in-the-middle attacks, so we need to be very careful. Hackers are always finding new ways to attack.