article thumbnail

Adversary-in-the-middle fraud: A growing concern for payments providers in 2025

The Payments Association

Using stolen session cookies, the attacker can authenticate themselves into the victim’s account, gaining unauthorised access to emails or other resources. Attackers can intercept data if a user authenticates into an application using an unsecured protocol like HTTP.