Man In The Middle Attack (MITM) is a type of identity theft involves criminally intercepting communication between two parties and recording the information without the two parties ever knowing about it.
The criminal then uses this information to access accounts and possibly steal the user’s identity.
A common scenario consists of making an online search for the URL address of a company, such as a financial institution. Once found, you click on the link to access the website (for example http://www.financialinstitution.com.) However, when the website appeared on your screen, you did not notice that the URL web address changed to http://www.atacker.com/http://www.server.com.
This is a website that is actually re-directing you to another website that mirrors your financial institution’s website. All the information you enter on this website is rerouted to your financial institution and the information your financial institution sends you is re-routed to you.
The schemer is recording all the transactions that are taking place between you and the institution. The objective is to obtain your personally identifiable information, your login and password numbers, or your credit and/or debit card number.
Ref.: https://en.wikipedia.org/wiki/Man-in-themiddle_attack