Man-in-the-Middle Attack – SCAM OF THE MONTH


Mina was traveling abroad and enjoying a life-changing cultural experience. She was always on the go, taking in all the city sights she could see while updating her blog along the way. To make her blog upload efforts easier, Mina set her phone up with the AutoConnect feature so she could automatically connect to any Wi-Fi network that she’d previously connected to. Mina took a break at a Sam’s Cafe and her phone connected to the “SamsCafe” network. She began updating her blog then realized she needed to check her bank balance. She used her phone and logged into her bank’s mobile website to review her balance. A few hours later, Mina received a message from her bank that her account had insufficient funds and it had been wiped out earlier that day.

Did you spot the red flags?

  • Mina turned on Auto-Connect in an effort to save time accessing the internet.
  • Mina connected to her banking portal while on an unsecured Wi-Fi network.
  • Mina failed to verify the legitimacy of the Wi-Fi network she was connecting to.

What you should know about this scam

Avoid Auto-Connecting/Auto-Joining free Wi-Fi networks. When you use this feature, your device remembers a specific SSID (Service Set Identifier) for a network. Scammers can create their own fake Wi-Fi networks and set their own SSIDs to mirror the account they are mimicking. So, your device will be connecting to a verified SSID but it will be one owned and managed by the scammer.
This is an example of a Man-In-The-Middle Attack where an attacker uses their technology to position themselves between their victim and the platform they are connecting to. By remaining in the middle, the attacker can watch, record, and manipulate their target’s activity, without them knowing. Thus, the websites visited and passwords entered can be easily observed or the attacker could direct their victim to a malicious webpage.

Protect yourself

  1. Try using a VPN (Virtual Private Network) to help create a secure connection.
  2. Use legitimate Wi-Fi connections that you can verify.
  3. Set up Two-Factor Authentication on critical accounts.

Even with these additional security layers, the best approach is to avoid accessing sensitive accounts and information when on a public Wi-Fi connection.