An attacker secretly intercepts and alters communications between an online banking website and its customers to transfer funds without detection. Which type of attack is this?

Phishing attacks involve tricking individuals into revealing sensitive information, such as passwords or credit card numbers, by masquerading as a trustworthy entity in electronic communications. Unlike man-in-the-middle attacks, phishing does not require intercepting or altering data in transit; instead, it relies on social engineering to deceive users into providing their information directly.

Brute-force attacks involve systematically trying all possible combinations of credentials, such as passwords, until the correct one is found. This method does not involve intercepting or altering communications but rather focuses on breaking into accounts through sheer computational power, making it irrelevant to the scenario presented in the question.

Spoofing attacks occur when an attacker impersonates a legitimate user or device to gain unauthorized access to information or systems. Although spoofing can be a component of a man-in-the-middle attack, it does not specifically describe the interception and alteration of communication, which is the hallmark of a man-in-the-middle attack.