Case Study of Man In the Middle Attack
- Case Study-1: The credit score company Equifax removed their apps from Google and apple due to the data leaking. It has been found that the app did not use HTTPS which allowed the attackers to get all those data when the user was accessing their account.
- Case Study-2: There was a registrar company that was breached and enabled the attacker to gain access to many certificates. These certificates allowed the attacker to pose as an authentic website to steal the data from the user, the authentic website in this case was duplicated.
- Case Study-3: There was a bank that was targeted by the attacker. The attacker sends an email to the customer that someone might have attempted to log in to their bank account, and they need the information from them to verify. The email that was sent to the customer was a phishing attack. So the victim will click on the link sent in the email, and they would be taken to a fake website. The fake website will seem to be original. When the victim will enter the details, it will be redirected to the original website. Now the attacker got access to the victim’s account.
Users should be aware of
- Public Wi-Fi Network.
- Don’t access that Wi-Fi where the name of the Wi-Fi does not seem to be right.
How to Prevent Man In the Middle Attack?
In a web application, there are two things usually: the client and the server. The third entity that remains unnoticed most of the time is the communication channel. This channel can be a wired connection or a wireless connection. There can be one or more servers in the way forwarding your request to the destination server in the most efficient way possible. These are known as Proxy servers.
Contact Us