Man-in-the-Middle (MITM) attack
Man-in-the-middle attacks use various social engineering techniques to intercept user credentials and commit fraudulent actions completely under the radar. How MITM attacks work:
1. User clicks on link in a phishing email, goes to MITM site and enters credentials (including token-generated one-time password).
2. MITM site connects with bank site and impersonates legitimate user using phished credentials.
3. Bank site grants MITM account access.
4. MITM displays phony page stating system is unavailable, or waits until user wants to log off, then displays phony page confirming log-off.