DEFINITION of 'Man-In-The-Middle Fraud'

Man-In-The-Middle Fraud is a crime where an unauthorized third party obtains a consumer’s or business’s sensitive data as it is being sent over the Internet. This fraud can be accomplished fairly easily over an unsecured network, such as public WiFi, or a poorly protected home network. It can also be carried out through installing malware on the target’s computer.

BREAKING DOWN 'Man-In-The-Middle Fraud'

You could become a victim of man-in-the-middle fraud if a criminal “eavesdrops” on your login credentials when you log in to your bank account through an unsecured wireless network. You’ll have no idea that anything unusual is happening. Later, with your login name and password, the thief can clean out your bank account.

Fake WiFi Networks

Criminals can also set up fake public WiFi networks that innocent users then log onto and send data over. The criminal has access to all the information that the users send over that network and can steal any valuable data. A criminal could also conduct a man-in-the-middle attack by setting up a fake website that pretends to be a legitimate website, then stealing consumers’ information when they try to use the fake website. Yet another strategy involves intercepting emails between two parties and creating spoofed emails that cause those parties to provide sensitive data to the man in the middle.

Fraudwatch International recommends "that you use strong mutual authentication between the client and the server. For instance: the server authenticates the client’s request by presenting a digital certificate, and only then can a connection be established. Another method for preventing a MITM attack is never to connect to open Wi-Fi routers directly. If you need to do this, you should use a browser plug-in, such as HTTPS Everywhere or ForceTLS. These plugins will help you establish a secure connection whenever the option is available."

You can avoid man-in-the-middle attacks by:

  • not clicking on links in emails.
  • making sure the address of the financial institution’s website you’re visiting starts with https, not just http.
  • changing your home Internet password from the default one the Internet service provider issued you.
  • not using public WiFi on your phone, tablet or computer to check your email, your bank account balance, your credit card account, or any other site that contains or requires your personal data.
  • using Internet security software.

There is no complete foolproof way to avoid becoming a victim of a sophisticated man-in-the-middle attack, but taking these basic precautions will lower your risk.

RELATED TERMS
  1. Eavesdropping Attack

    An eavesdropping attack is an incursion where someone tries to ...
  2. Spoofing

    Spoofing is a type of deception where an intruder attempts to ...
  3. Securities Fraud

    Securities fraud is a form of white-collar crime that disguises ...
  4. Denial Of Service Attack (DoS)

    A Denial Of Service Attack (DoS) is an intentional cyberattack ...
  5. Threat Modeling

    Threat modeling is evaluating what needs to be protected in the ...
  6. Bait Record

    A bait record is a piece of false information seeded into a dataset ...
Related Articles
  1. Tech

    7 Cybersecurity Tips to Protect Your Finances

    These seven cybersecurity tips will help protect your finances from online fraud and hacking.
  2. Tech

    7 Ways to Protect Yourself From Online Identity Theft

    These seven steps can help protect your online identity from hackers and scammers.
  3. Personal Finance

    6 Ways To Avoid Paying For Hotel Wi-Fi

    Use these tips to get free Internet access when you're on vacation.
  4. Tech

    Debit Card Fraud: Is Your Money At Risk?

    Find out how your money is becoming more vulnerable to debit card fraud by criminals and hackers. Use these nine easy ways to protect yourself.
  5. Tech

    Common Cybersecurity Threats and How to Protect Yourself

    With all of the ways hackers can steal your identity and personal information, it's important to protect yourself.
  6. Investing

    Android Phones Vulnerable to Wi-Fi Attacks: Report

    Cybersecurity experts say a new kind of attack lets hackers read Wi-Fi traffic, inject malware.
  7. Personal Finance

    Which Airline Has the Best Wi-Fi?

    Airlines know that flyers expect a wireless connection – but not all offer the same level of connectivity.
  8. Investing

    Comcast Aiming to Fix Spotty In-Home Wi-Fi

    Comcast aims to fix consumers' poor Wi-Fi with a new home networking gateway that boosts speeds.
  9. Insights

    10 Tips To Avoid Common Financial Scams

    Remember that "don't talk to strangers" rule from childhood? Well, don't wire them money either. Or fall for these other tricks.
Trading Center