Man-In-The-Middle Attacks
Definition
• Man-in-the-Middle (MitM) attacks happen when traffic
between two parties is observed or manipulated by an
unknown third party.
• A MitM attack is a cybercrime method used to steal
personal information or login credentials. Cyber
criminals also use MitM attacks as a means to spy on,
corrupt information, or disrupt communications
between two parties.
Since the 1980s, MitM attacks have been used to infiltrate traffic between innocent parties.
Methods
Man-in-the-Middle attacks can happen in a number of
ways:
• Types of Spoofing (IP, DNS, HTTPS)
• Hijacking (Secure Socket Layer, Email)
• Wi-Fi Eavesdropping
• Theft of Browsing Cookies
Man-in-the-Browser:
• When a Man-in-the-Browser attack takes place, the
attacker uses a Phishing method in order to
administer malware to a device.
• Malware is software meant to damage a network,
server or personal computer.
Phishing is a method of sending fraudulent emails or text messages to trick a user into revealing personal information.
Man-in-the-Browser Continued
• A Man-in-the-Browser attack happens when malware
installs itself on a victim’s browser in order to record
information sent between targeted websites and the
user.
• Online banking institutions are prone to this form of
cybercrime.
Example of Man-in-the-Browser
IP Spoofing
• All devices that connect to the internet have an IP
Address.
• Spoofing happens when someone or something
impersonates a trusted source.
• Attackers use IP Spoofing in order to deceive users
into revealing sensitive information by “spoofing”
their IP and posing as a website or someone familiar.
An IP Address is like your home address.
Example of IP Spoofing
DNS Spoofing
• DNS refers to “Domain Name Server/System”. The
DNS system converts names to IP Addresses.
• When Spoofing a DNS, a user is forced to an imitation
website, similar to the one intended to be viewed.
• The goal of the attacker is to divert traffic or retrieve
login credentials.
Example: The DNS will return the IP address of a visited website when it is typed into a browser.
Example of DNS Spoofing
HTTPS Spoofing
• HTTPS stands for Hypertext Transfer Protocol Secure.
This protocol is used by the Web to format and
transmit messages.
• Ensure that when visiting a website, the URL indicates
that it uses “https” rather than “http”.
HTTPS Spoofing
• In HTTPS Spoofing, the attacker manipulates the
browser into believing it is visiting a trusted website.
• After redirecting your browser, the attacker uses the
vulnerable website to monitor communication and
steal shared information.
SSL Hijacking
• SSL stands for Secure Sockets Layer, which was a
protocol developed in order to communicate over the
internet securely.
• Sometimes when a device visits an unsecure website
(http), it is automatically redirected to the secure
version (https).
• An attacker utilizes a computer and secure server to
reroute information of a user right before connection
to a legitimate server; this is SSL Hijacking.
Email Hijacking
• Email Hijacking occurs when attackers target financial
organizations for email information.
• After obtaining access to email accounts, attackers
can monitor all financial transactions.
• Attackers then follow up by “spoofing” the financial
institution’s email and possibly providing users with
instructions that would result in the attacker receiving
funds.
Wi-Fi Eavesdropping
• Wi-Fi connections can be configured to appear to
have a valid name, such as the Wi-Fi of a favourite
coffee shop.
• If a user connects to the fraudulent Wi-Fi connection,
the user’s online activities can be observed and
personal information like banking cards can be
obtained.
Precautions should be taken when connecting to public Wi-Fi connections.
Example of Wi-Fi Eavesdropping
Browser Cookies
• A browser cookie is a small piece of
data stored by the user’s web
browser. This data is used to track
browsing sessions.
• If browsing data is stored in a cookie
and the browser cookie is hijacked,
cybercriminals may be able to gain
passwords, addresses and other
sensitive information.
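A defender-side check for the SSL Hijacking and Browser Cookies slides, added here as an example and not part of the original deck: it audits a response for the cleartext http-to-https redirect and for cookies that can travel over http or be read by scripts. The header and attribute names (Strict-Transport-Security, Secure, HttpOnly) are standard; the function names, finding codes and example.test responses are assumptions constructed for illustration.

```python
# Added example (not from the original slides): flag response headers that leave
# a session open to interception or cookie theft. All sample data is constructed.

REDIRECTS = {301, 302, 303, 307, 308}

def parse_set_cookie(value):
    """Split one Set-Cookie value into (cookie_name, {attribute: value})."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, attrs

def audit_response(url, status, headers):
    """Return a sorted list of (finding_code, subject) for one HTTP response.

    headers is a list of (name, value) pairs, so repeated Set-Cookie lines survive.
    """
    findings = set()
    hdrs = [(k.lower(), v) for k, v in headers]
    over_tls = url.lower().startswith("https://")

    if not over_tls:
        location = next((v for k, v in hdrs if k == "location"), "")
        if status in REDIRECTS and location.lower().startswith("https://"):
            # The upgrade itself is sent in cleartext, so a party on the path
            # can answer it first and keep the user on http.
            findings.add(("cleartext-redirect", url))
        else:
            findings.add(("no-https", url))
    elif not any(k == "strict-transport-security" for k, _ in hdrs):
        # Without HSTS the browser may try plain http again on a later visit.
        findings.add(("missing-hsts", url))

    for key, value in hdrs:
        if key != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if "secure" not in attrs:
            findings.add(("cookie-not-secure", name))       # may be sent over http
        if "httponly" not in attrs:
            findings.add(("cookie-script-readable", name))  # readable by page scripts
    return sorted(findings)

# Constructed sample responses (hypothetical site, example.test).
SAMPLES = [
    ("http://bank.example.test/", 301,
     [("Location", "https://bank.example.test/"),
      ("Set-Cookie", "sid=abc123; Path=/")]),
    ("https://bank.example.test/", 200,
     [("Set-Cookie", "sid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"),
      ("Set-Cookie", "theme=dark; Path=/")]),
    ("https://bank.example.test/account", 200,
     [("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
      ("Set-Cookie", "sid=abc123; Path=/; Secure; HttpOnly")]),
]

if __name__ == "__main__":
    for url, status, headers in SAMPLES:
        print(url, audit_response(url, status, headers))
```

Only the third sample response comes back with no findings: it is served over https, sends HSTS, and marks its session cookie Secure and HttpOnly.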
Protection
• Ensure that the browser is using “https” when
browsing the web.
• Be alert to phishing emails that request credentials
to be updated.
Protection Continued
• Refrain from connecting to public Wi-Fi connections
without a VPN.
• Make use of internet security applications to thwart
Man-in-the-Browser (MitB) attacks.

Editor's notes

References:
• https://us.norton.com/internetsecurity-wifi-what-is-a-man-in-the-middle-attack.html
• https://www.csoonline.com/article/3340117/what-is-a-man-in-the-middle-attack-how-mitm-attacks-work-and-how-to-prevent-them.html
• https://www.imperva.com/learn/application-security/man-in-the-middle-attack-mitm/
• https://en.wikipedia.org/wiki/IP_address_spoofing
• https://www.imperva.com/learn/application-security/dns-hijacking-redirection/
• https://unit42.paloaltonetworks.com/threat-brief-conversation-hijacking-spear-phishing/
• https://due.com/blog/12-reasons-never-use-public-wi-fi/
• https://www.wikiwand.com/en/HTTP_cookie