Man In The Middle Attack: What Is It And How To Prevent It

The Internet can be a dangerous place. Hackers and scammers are at every turn, looking for new ways to exploit vulnerable users. One of the most common ways hackers can exploit user data is through what is known as a Man in the Middle attack. Learn how this attack operates and how to avoid it with DD-WRT or Tomato firmware.


What Is A Man In The Middle Attack?

The basic premise of a Man in the Middle (or MITM) attack is to redirect user communication and personal information from a trusted party to an illegitimate third-party source. The most popular targets of this attack include:

  • Bank websites
  • E-commerce websites
  • SaaS businesses

The MITM attacker will attempt to redirect a user from a legitimate website to a fake site they have created, which asks for the victim’s login or personal information. Attackers have recently developed sophisticated fakes that closely resemble the intended website, so even experienced users can fall prey to MITM attacks. While victims believe they are logging in to their bank account or purchasing a product, they are actually sending their personal information to an identity thief. Staying alert and vigilant is therefore key.

There are many ways that a MITM attack can redirect someone to the fake website. One way is through malware. Malware installed on a computer or browser can collect any information entered on a website, even if the site is secured.

Types of Man in the Middle Attacks

A more common Man in the Middle attack uses a router that isn’t secured. Here are a few ways a MITM attack can redirect a browser to an unsecured web page:

HTTPS Spoofing

If the website visited doesn’t include HTTPS in the URL, the website is unsecured. Not all websites that use HTTP in the URL are MITM attacks, but they are highly susceptible to attacks that trick browsers into redirecting traffic to unsecured sites. Users need to be on guard and only visit HTTPS web pages, particularly if they’re making a purchase or submitting any personal information. Even among HTTPS servers, 95 percent don’t correctly use the HTTP Strict Transport Security (HSTS) features that protect users from MITM attacks.

IP Spoofing

Similar to HTTPS spoofing, an attacker can alter the IP address packet headers to gain access to a user’s personal information. While a user accesses a URL, the MITM has access to all information they enter.

SSL Stripping

SSL, or Secure Sockets Layer, is a way to establish an encrypted link between the web server and a browser. This redirects a computer from an unsecured HTTP address to a secured HTTPS server. SSL stripping interrupts that connection and allows another computer to intercept all information sent by the computer to the web server.
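The HTTP Strict Transport Security header mentioned under HTTPS Spoofing is also the standard server-side defence against SSL stripping, so one check serves both passages. The sketch below is an added example, not code from the original page: it audits a response's `Strict-Transport-Security` header, and the one-year threshold, function names and sample responses are assumptions made for illustration.

```python
# Added example (not from the original page): audit an HSTS response header.
MIN_MAX_AGE = 31536000  # one year in seconds; assumed policy threshold

def parse_hsts(value):
    """Parse an HSTS header value into (max_age, flags, errors)."""
    max_age, flags, errors, seen = None, set(), [], set()
    for raw in value.split(";"):
        name, _, arg = raw.strip().partition("=")
        name = name.strip().lower()  # directive names are case-insensitive
        if not name:
            continue
        if name in seen:  # RFC 6797: each directive may appear only once
            errors.append("duplicate directive: " + name)
            continue
        seen.add(name)
        if name == "max-age":
            arg = arg.strip().strip('"')
            if arg.isascii() and arg.isdigit():
                max_age = int(arg)
        elif name in ("includesubdomains", "preload"):
            flags.add(name)
    return max_age, flags, errors

def audit_hsts(scheme, headers):
    """Return findings for one response; an empty list means no weakness was found."""
    hsts = {k.lower(): v for k, v in headers.items()}.get("strict-transport-security")
    if hsts is None:
        return ["no HSTS header: browser may still connect over plain HTTP"]
    if scheme != "https":
        return ["HSTS sent over HTTP is ignored by browsers"]
    max_age, flags, findings = parse_hsts(hsts)
    if max_age is None:
        findings.append("max-age missing or invalid: header is ignored")
    elif max_age == 0:
        findings.append("max-age=0 removes the HSTS policy")
    elif max_age < MIN_MAX_AGE:
        findings.append("max-age below one year")
    if "includesubdomains" not in flags:
        findings.append("includeSubDomains missing: subdomains are not covered")
    return findings

# Constructed sample responses (scheme, headers); not captured from any real site.
SAMPLES = [
    ("https", {"Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload"}),
    ("https", {"strict-transport-security": "max-age=300"}),
    ("https", {"Content-Type": "text/html"}),
]
if __name__ == "__main__":
    for scheme, headers in SAMPLES:
        print(scheme, headers, "->", audit_hsts(scheme, headers) or "ok")
```
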

E-mail Interception

Another common MITM interception is through e-mails. If users receive an e-mail from a financial institution that requests login information, they must never reply to that e-mail directly. A bank or other institution should never ask for information over e-mail because e-mail addresses are easy to spoof. Any request for e-mailed information is likely a MITM attack.

WiFi Eavesdropping

Even WiFi could be the gateway used to conduct a MITM attack. Public WiFi signals are usually unsecured, which allows potential hackers to intercept personal information being entered while connected to the server. Even if using a secured web page, avoid entering login information when using public WiFi.

This is far from an exhaustive list of all the ways a computer can be targeted by a MITM attack. However, these are the most common and the easiest to guard against.

Preventing a Man in the Middle Attack

MITM attacks are preventable. With the right tools and tricks, you’ll be able to log in and shop online safely and securely. One of the best ways is to use a secure open source VPN router with DD-WRT firmware.

Not only will these routers give you more protection when it comes to MITM attacks, but you’ll also enjoy a more stable network, dynamic VPN/server integration, and support for OpenVPN and PPTP.

Taking advantage of a VPN on the router level will provide an additional layer of encryption. Recommended VPN providers for preventing MITM attacks include:

NordVPN (as low as $2.99/month)

  • Strict no logging policy
  • Military grade encryption
  • Award winning customer service
  • 5000+ Servers in 60+ Countries

Private Internet Access (as low as $2.91/month)

  • Utilizes high-grade encryption based on the secure CBC Algorithm
  • Most popular economy service VPN
  • Great for traveling abroad
  • 3180 Servers in 33 Countries

IPVanish (as low as $6.49/month)

  • Recommended for the Middle East
  • No logs
  • Owns and operates their own servers
  • 1,100+ VPN servers in 60+ countries

A router with open source firmware will protect you from many MITM attacks, but you still need to consider where and when you input personal information. Never give out personal information to an unconfirmed email address, and avoid HTTP addresses, particularly when using public WiFi.

Prevent Man In The Middle Attacks With a VPN Router


A FlashRouter like the Linksys WRT3200ACM (pictured above) is a router that has been flashed with Open Source firmware. Flashing a router with Open Source firmware removes any bugs or backdoors found in the router’s factory settings and opens the door for the device to be used as a tunnel to the VPN server of your choice.

Recommended devices for preventing MITM attacks include:

Netgear R6400V2 AC1750 ($249.99)

  • Wireless-AC1750 Mbps
  • 1 GHz Broadcom Processor
  • 3 Ext Antennas
  • Top Economy Router

Linksys WRT1900ACS/AC v2 AC1900 ($249.99)

  • Wireless-AC1900 Mbps
  • 1.6 GHz Marvell Processor
  • 4 Ext Antennas
  • Great for Streaming

Netgear R7800 AC2600 ($349.99)

  • Wireless-AC2600 Mbps
  • 1.7 GHz Qualcomm Processor
  • 4 External Antennas
  • One of Our Most Powerful Routers

Benefits of the FlashRouters Privacy App

Every DD-WRT FlashRouter comes with the free FlashRouters Privacy App. The FlashRouters Privacy App revolutionizes and simplifies using a DD-WRT router with a VPN. With the Privacy App, users can:

  • Switch between locations with the tap of a button.
  • Manage which devices go through the VPN and which don’t.
  • Change VPN Providers with a few clicks on the same device.

Want better support for your entire network? The FlashRouters Privacy App is here to help.

For a full list of features and screenshots, visit our FlashRouters Privacy App website.

Have any other questions on preventing Man in the Middle attacks? Feel free to contact us.
