An attacker secretly intercepts and alters communications between an online banking website and its customers to transfer funds without detection. Which type of attack is this?

Phishing attacks involve tricking individuals into providing sensitive information, such as login credentials, usually through deceptive emails or websites. Unlike a man-in-the-middle attack, phishing does not require intercepting or altering ongoing communications; it relies instead on social engineering tactics to mislead users into voluntarily divulging their information.

A brute-force attack involves systematically attempting various combinations of passwords or encryption keys until the correct one is found. This type of attack focuses on breaking into accounts rather than intercepting and modifying communications, which is key to identifying the correct attack type in this scenario.

Spoofing attacks involve impersonating another device or user to gain unauthorized access to systems or information. While it may overlap with the tactics used in man-in-the-middle attacks, spoofing primarily focuses on deception rather than the active interception and alteration of communications that characterize a man-in-the-middle attack.