Researchers at the IEEE Computer Society have shown how a man-in-the-middle (MITM) attack can be used to reset user passwords and subsequently steal a person’s account, be it their email, Twitter handle or Facebook profile.
Using a website rigged to offer a freebie, such as a cool app that would otherwise cost money, hackers can lure unwary users into answering security questions like “what is the name of your best friend?” and forward that information to their account’s password reset module on sites like Google, Facebook, Snapchat and others.
Leave a reply
