Support 1300 669 220

Man-In-The-Middle
Attacks

What They Are, and How to Protect Yourself

Even if you don’t know how to identify a man-in-the-middle attack, you’ve certainly been the target of at least one.

You might have received an email that claimed to be from your bank, asking you to log in to fix a problem with your account. Or maybe you’ve gone to connect to WiFi at your favourite coffee shop – and noticed that there’s more than one network available, and they all have similar names. Or you’ve received a text message that appears to be from a courier company, inviting you to install an app to track your new package… but you don’t remember ordering anything.

These are all widespread forms of the famous man-in-the-middle attack. This is a scam in which a cybercriminal (the “man in the middle”) tries to pose as a trusted entity in order to fool you. That entity could be a bank, an online store or a courier company. Whether you’re entering your login details into a fake website, connecting to a spoofed WiFi hotspot, or clicking a link to install malware on your phone, the outcome is the same. You provide hackers with direct access to your most sensitive and important information.

How common are man-in-the-middle attacks?

Man-in-the-middle attacks have been around for a long time. We don’t know exactly how many attempted attacks are made. But look at your junk folder and you’ll see plenty of fake bank emails and coupon offers that have automatically been caught by your email’s spam filter. Online security experts estimate that as many as 35% of successful cyber attacks come under this heading.

The reason these attacks are so successful, even after so many years, is that they’re always evolving. Cybercriminals are constantly on the lookout for new opportunities and new loopholes. They know how to build fake websites that look just like the real thing. And they also take advantage of human weaknesses, such as the love of free WiFi and discount codes.

How to protect yourself

It’s easy to become the victim of a man-in-the-middle attack, but there’s plenty you can do to protect yourself. To begin with, you can use a virtual private network (VPN) when connecting to WiFi outside of your home.

If you’re visiting a website, make sure it’s a secure one by looking for the prefix https:// at the start of the URL. This means that any data sent between your computer and the website will be encrypted. You should also make sure that your security software is up to date.

And if you receive an email or text inviting you to enter your login details, click a link, or install an app, don’t do anything right away. Look carefully to see if there are any warning signs that this might be a scam. If you’re in any doubt, delete it. You can always speak to your bank or service provider directly.

As your trusted IT support partner, Perigon One is here to make sure you stay protected. If you’d like advice or help with keeping your data out of the hands of cybercriminals, just contact us to talk about your needs.