Everything You Need to Know to Avoid a Man-in-the-Middle Mobile Attack

Monkey in the middle, the beloved playground staple, extends beyond schoolyards into corporate networks, home desktops, and personal mobile devices in a not-so-fun way. Known as a monkey-in-the-middle or man-in-the-middle attack (MiTM), it’s a type of cybercrime that can happen to anyone.  

Here’s everything you need to know about MiTM schemes specifically, how to identify when your device is experiencing one, and how to protect your personally identifiable information (PII) and your device from cybercriminals.  

What Is a Man-in-the-Middle Mobile Attack?  

A man-in-the-middle attack, or MiTM attack, is a scheme where a cybercriminal intercepts someone’s online activity and impersonates a trusted person or organization. From there, the criminal may ask personal questions or attempt to get financial information; however, since the device owner thinks they’re communicating with someone with good intentions, they give up these details freely.  

MiTM is an umbrella term that includes several cybercrime tactics, such as:  

  • IP spoofing. In this scheme, a criminal squeezes their way between two communicating parties by hiding their true IP address. (An IP address is the unique code assigned to each device that connects to the internet.) For example, the criminal may eavesdrop on a conversation between a bank representative and a customer. The criminal will pretend to be either party, gaining confidential financial information or giving incorrect banking details to route wire transfers to their own bank account.  
  • MFA bombing. This occurs when a criminal gains access to someone’s login and password details but still needs to surpass a final barrier to enter a sensitive online account: a one-time, time-sensitive multifactor authentication (MFA) code. The criminal either barrages someone’s phone with code request texts until the person disables MFA in annoyance or the criminal impersonates a support employee and requests the code via phone, email, or text.   
  • Session hijacking. Session hijacking occurs when a cybercriminal takes over a user’s conversation or sensitive internet session (like online banking or online shopping) and continues the session as if they are the legitimate user. The criminal can do this by stealing the user’s session cookie. 
  • Router hacking. A cybercriminal can hack into wireless routers and then reroute your internet traffic to fake websites that request personal or financial information. Routers with weak passwords or factory-set passwords are vulnerable to being taken over by a bad actor. Or, a method that requires no hacking at all: A cybercriminal can set up a wireless router in a public place and trick people into connecting to it thinking it’s complementary Wi-Fi from a nearby establishment. 

Cybercriminals gain access to devices to carry out MiTM attacks through three main methods: Wi-Fi eavesdropping, malware, or phishing.  

How Can You Identify a MiTM Mobile Attack?   

The most common giveaway of a MiTM attack is a spotty internet connection. If a cybercriminal has a hold on your device, they may disconnect you from the internet so they can take your place in sessions or steal your username and password combination.  

If your device is overheating or the battery life is much shorter than normal, it could indicate that it is running malware in the background.  

How to Protect Your Device  

If you can identify the signs of a MiTM attack, that’s a great first step in protecting your device. Awareness of your digital surroundings is another way to keep your device and PII safe. Steer clear of websites that look sloppy, and do not stream or download content from unofficial sites. Malware is often hidden in links on dubious sites. Try your best to stick to sites that have URLs beginning with “https.” The “s” stands for “secure.” Though not all “https” sites are guaranteed secure, they are generally more trustworthy than plain “http” sites. 

To safeguard your Wi-Fi connection, protect your home router with a strong password or passphrase. When connecting to public Wi-Fi, confirm with the hotel or café’s staff their official Wi-Fi network name. Then, make sure to connect to a virtual private network (VPN). A VPN encrypts your online activity, which makes it impossible for someone to digitally eavesdrop. Never access your personal information when on an unprotected public Wi-Fi network. Leave your online banking and shopping for when you’re back on a locked network or VPN you can trust. 

Finally, a comprehensive antivirus software can clean up your device of malicious programs it might have contracted.  

McAfee+ Ultimate includes unlimited VPN and antivirus, plus a whole lot more to keep all your devices safe. It also includes web protection that alerts you to suspicious websites, identity monitoring, and monthly credit reports to help you browse safely and keep on top of any threats to your identity or credit.  

A cybercriminal’s prize for winning a digital scheme of monkey in the middle is your personal information. With preparation and excellent digital protection tools on your team, you can make sure you emerge victorious and safe. 

McAfee Mobile Security

Keep personal info private, avoid scams, and protect yourself with AI-powered technology.

FacebookLinkedInTwitterEmailCopy Link

Stay Updated

Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.


More from Mobile Security

Back to top