A hacker's most probable first attempt to get your credentials is to perform a MITM (Man-in-the-Middle) attack.
In such an attack, the hacker places themselves between you and your router by spoofing the router's MAC address, so that your traffic passes through the attacker's computer.
That said, there is little you can do about it other than paying attention, RIGHT NOW, to the details I'm going to explain.
As many posts on the internet and social media channels have explained, HTTP is NOT secure.
But what does that mean? How can I tell?
For example, when you go to LinkedIn by typing it in your address bar (entering URLs directly in the address bar is always the best choice; more on this later), you can see whether the page is secure. If it's not, don't think twice: leave that page and inform your IT administrator with a screenshot.
This site, like almost every web page on the internet nowadays, should not show 'Not Secure'.
If you log in on an HTTP site that says 'Not Secure', a hacker captures your credentials, because it is his MITM program that delivers the login form to you, so your submission passes through it.
When you go to Google and the page loads over HTTP, 'Not Secure', you are most likely the victim of a MITM attack.
Where you can go wrong is if you get a page like this:
and you then perform a Google search for your cloud service (e.g. LinkedIn, your company website), the attacker screens your search results and rewrites everything from HTTPS to HTTP, or to a DNS-spoofed address, where he can capture the credentials you enter, as in the example above.
The next image shows the way NOT to search for your cloud service provider (Facebook, your company website, etc.).
If you visit the page directly from the address bar and HSTS is enabled for that organisation, this attack does not work (more details on this later, for companies).
Countermeasures for Developers / Companies
Follow the guidance here:
The example provides guidance on how to implement HSTS on:
- IIS Server
Then submit your website on this page:
You can check the status on that page after submission to see whether it has been processed.
After that, go to the following page and check your TLS and HSTS settings. I won't be covering TLS settings, but they might be an issue for you if you have never bothered to check them.
Testing for compliance:
BE SURE TO HIDE THE RESULTS from others, since you don't want to expose your web page's weaknesses to unknown parties.