Man-in-the-middle (MITM) attacks come in two forms: one that involves physical proximity to the intended target, and another that involves malicious software, or malware. One example of a MITM attack is active eavesdropping, in which the attacker makes independent connections with the victims and relays messages between them so that they believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. A hacker who is in physical proximity to, or within the reception range of, an unencrypted Wi-Fi access point can more easily insert themselves as a man-in-the-middle. Although encryption can help protect against MITM attacks, threat actors will often reroute traffic to fraudulent phishing sites or simply
What Does Clone Phishing Look Like?
Sent from an email address spoofed to appear to come from the original sender
The attachment or link within the email is replaced with a malicious version
It may claim to be a resend of the original or an updated version of the original
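When the legitimate original message is still available for comparison, the three traits above can be checked mechanically. The following is an added example, not part of the original page; the function names, finding labels and sample messages are assumptions constructed for illustration.

```python
import hashlib
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s\"'<>\[\]]+", re.I)  # IPv6-literal URLs are skipped
RESEND_RE = re.compile(r"\b(re-?sen[dt]|resending|updated version)\b", re.I)

def features(msg):
    """Return (link hosts, {attachment name: sha256}, body text) for a message."""
    attachments, text = {}, ""
    for part in msg.walk():
        payload = part.get_payload(decode=True) or b""  # None for multipart containers
        if part.get_filename():
            attachments[part.get_filename()] = hashlib.sha256(payload).hexdigest()
        elif part.get_content_maintype() == "text":
            text += payload.decode(part.get_content_charset() or "utf-8", "replace")
    hosts = {urlparse(u).hostname for u in URL_RE.findall(text)} - {None}
    return hosts, attachments, text

def clone_indicators(original_raw, suspect_raw):
    """Compare a suspect email with the known-good original; list what differs."""
    orig, susp = message_from_string(original_raw), message_from_string(suspect_raw)
    (o_hosts, o_att, _), (s_hosts, s_att, s_text) = features(orig), features(susp)
    findings = []
    # Trait 1: From matches the original sender, but replies or bounces go elsewhere.
    from_addr = parseaddr(susp.get("From", ""))[1].lower()
    if from_addr == parseaddr(orig.get("From", ""))[1].lower():
        for hdr in ("Reply-To", "Return-Path"):
            other = parseaddr(susp.get(hdr, ""))[1].lower()
            if other and other.rsplit("@", 1)[-1] != from_addr.rsplit("@", 1)[-1]:
                findings.append(f"sender-mismatch:{hdr}")
    # Trait 2: a link host or attachment content that the original did not have.
    findings += [f"new-link-host:{h}" for h in sorted(s_hosts - o_hosts)]
    findings += [f"attachment-changed:{n}" for n in sorted(s_att)
                 if n in o_att and o_att[n] != s_att[n]]
    # Trait 3: the message claims to be a resend or an updated version.
    if RESEND_RE.search(susp.get("Subject", "") + " " + s_text):
        findings.append("resend-claim")
    return findings

# Constructed sample messages; example.com and example.net are reserved test domains.
ORIGINAL = ("From: Billing <billing@example.com>\nSubject: Invoice 1001\n\n"
            "Your invoice: https://portal.example.com/invoice/1001\n")
CLONE = ("From: Billing <billing@example.com>\nReply-To: billing@example.net\n"
         "Subject: Invoice 1001 (updated version)\n\n"
         "Your invoice: https://portal.example.net/invoice/1001\n")
if __name__ == "__main__":
    print(clone_indicators(ORIGINAL, CLONE))
```

An empty result only means none of these three differences were found; it does not prove the message is legitimate.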
Tips & best practices for recognizing & defending against Clone Phishing attacks:
If an email appears strange in any way, contact the sender with a phone call to confirm the legitimacy of the email.
If you receive an email from a source you know but it seems suspicious, contact that source with a new email, rather
Think before you click! Make sure you have confirmed the legitimacy of an email before downloading any attachments it contains.
Keep your OS patched and updated to reduce the chance that vulnerabilities exist for criminals to exploit.
Back up your files frequently and automatically. This won’t prevent a ransomware attack, but it can reduce the damage caused by one. Be aware that backups are n