Adversary-in-the-Middle

Nowadays, threat actors can use strong frameworks and techniques against which users have nearly no chance to escape.
 

This technique is used with phishing to transmit a malicious link and obtain a click. When the user clicks, he is redirected to the real website but it's connection is in fact being transparently proxyied trough a malicious server (with Evilginx for example). The attacker will then steal the user's password and even bypass the MFA protection (with token theft).

​

Click below and check if you are concerned !