A Man-in-the-middle attack presupposes three parts. The victim, The entity that he is trying to communicate with victim and Man-in-the-middle, who monitors and invades the victim’s communications. Of course, the victim does not know the existence of man-in-the-middle.
How does one work Man-in-The-middle attack;
Suppose you received one E-mail, supposedly comes from your bank. The email asks you to sign in to your account to confirm some details. There is one in the email link, which is supposed to lead you to website the bank’s. Log in and do what you asked for.
In this hypothetical scenario, man-in-the-middle (MITM) sent you the email and made it look legitimate. This attack also includes phishing techniques, through which you click the malicious link. In addition, man-in-the-middle has created a site, similar to your bank, to persuade you to give personal information and register your credentials. In fact, you are not logged into your bank account but to a fake site through which the hacker acquires them credentials you.