1. Email Hijacking
This is one of the oldest types of MitM attacks. As the example above the hacker can breach into bank email accounts and hijack email conversation between client and bank. At the right moment, attackers spoof bank’s email and send malicious document containing their info and paying instructions to the client. Client follows instruction and instead to transfer money to the bank, he transfers to the hackers.
2. Session Hijacking
This attack is also known as cookies hijacking. Cookies are small pieces of data that include valuable information for accessing websites. For instance, our location or pre-filled forms, and stored browser passwords. If attackers can intercept and overtake session with the website and gain control over cookies in the browser, they can use them to easily access sensitive data like stored credit card number and login credentials. This way attackers can play with your identity.
3. HTTPS Spoofing
SSL spoofing doesn’t attack SSL itself. It attacks the transition from non-encrypted to encrypted communication. By installing the false certificate in victim’s browser, that has a piece of code that allows the certificate to connect with the malicious app; an attacker can access all data before it is sent to the app.
4. IP spoofing
IP spoofing is the most-used spoofing attack. Most known is Dos or Denial of Service attack, but in the case of MitM attack malicious attacker uses legit IP address to send malicious packets, and that way tricks the systems. The server allows the access to attacker causing many security threats.
5. DNS spoofing
DNS cache poisoning or spoofing is attacks when hackers exploit domain name server vulnerabilities, usually changing website’s address record, and drive away traffic from legit server to fake server or precisely attacker’s website. Try to access the legit website and you’ll be “redirected” to a fake website.
6. SSL stripping
SSL stripping is a way to regress HTTPS connection to HTTP. Hackers intercept TLS authentication file sent from the server to the client and make session exposed to their control and data manipulation. Instead of requested https://example.com user gets http://example.com.
7. Wi-Fi Eavesdropping
In this case, hackers set phony WI-FI access point using the legit name or name of some business or institution. If victim’s laptop is set to connect to strongest Wi-Fi signal out there, attackers can use the access point to add a laptop to their domain. This way all traffic from laptop to access point is under attacker’s control.