I recently used a "secure" vpn on my iPhone to do some online purchases. On the payment page everything Looked normal and all the links were legit (https://www.example.com/etc). I double-checked, and saw no certificate warning from the browser.
But the next day I find my money stolen with the same IP I used the night before. Luckily I called support and they reversed it back.
So the lesson learned was: Never use proxies or VPN's for online purchases.
But how did they do it? How did they hack the encryption (https)?
Someone told me they could have used a MITM attack, but I doubt it (could be wrong) or inject Javascript in the response (but is that even possible on a https connection?).
If so, then is it possible to stop it or detect it?
I'm sorry too many questions but this really interests me.