Given:
John Smith uses a coffee shop’s Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank’s
website. The bank’s website uses the HTTPS protocol to protect sensitive account information. While John was using the hot-spot, a hacker was able to obtain
John’s bank account user ID and password and exploit this information. What likely scenario could have allowed the hacker to obtain John’s bank account user ID
and password?