What is a man-in-the-middle (MitM) attack?
A man-in-the-middle (MitM) attack is an exploit in which an intruder intercepts communications between two parties, usually an end user and a website. The attacker can use the information accessed to commit identity theft or other types of fraud.
Users can protect themselves from a traditional man-in-the-middle attack by refraining from logging into sites where sensitive data is maintaned while on a public network. However, a variation on that exploit, called an "active man-in-the-middle attack" makes it possible for an intruder to access information for any site that the user logs into at other times.