A man-in-the-middle attack occurs when someone eavesdrop remotely and undetected on unsecured chatter between people and website. To intercept or possibly alter the website traffic a hacker can set up an unsecure WiFi hotspot (evil twin attack), installing a malware on the user’s PC or using a sniffer to intercept the traffic (network sniffer).
Evil twin attacks can be prevented by carefully considering networks before connecting. Oddities like frequent disconnects, promises of fast WiFi networks or strange WiFi locations can signal an evil twin attack.
A network sniffer is used to monitor the network traffic, view details of unencrypted requests or detect network vulnerabilities.
Websites often communicate with web browser over HTTPS which uses cryptography. So, two important measures to use a secure connection would be:
- connect to a familiar, secured WiFi network
- ensure the website uses HTTPS