Remove Email Compromise Remove Multifactor Authentication Remove User Authentication
article thumbnail

Adversary-in-the-middle fraud: A growing concern for payments providers in 2025

The Payments Association

In an AiTM attack, the attacker typically sends a phishing email with a link that directs the victim to a fake login page (redirector or AiTM phishing page) designed to look like a legitimate service. Attackers can intercept data if a user authenticates into an application using an unsecured protocol like HTTP.