(also eavesdropping attack, network eavesdropping, sniffing, snooping)
In cybersecurity, eavesdropping is the act of secretly intercepting unencrypted data passing between two parties. Hackers use eavesdropping to obtain sensitive information, steal session tokens, and even modify or delete message content.
Real eavesdropping examples
Man-in-the-middle (MITM): In MITM attacks, hackers position themselves between two actively communicating parties to record or alter their messages. Criminals may even completely take over the conversation in progress, feeding both parties false data to trick them into divulging sensitive information or performing some specific action.
- Use a VPN. Virtual private networks (VPNs) encrypt your online traffic, keeping your data secure from eavesdropping attacks. Encrypted data looks like gibberish without the proper decryption keys — even if it is intercepted by hackers, they would not be able to read or alter it.
- Use secure messaging services. Certain apps, like Meta’s Messenger, offer end-to-end encryption (E2EE) for user communications. With E2EE, only the people you send the message to are able to read it, letting you discuss private topics without fear of outside intervention.