A financial analyst at a major investment firm has reported suspicious activity while using the company's web portal to conduct transactions. Despite having a secure connection, unusual prompts and unexpected transaction confirmations have been observed. What type of attack could this activity indicate?
Cross-site scripting (XSS) attack
Evil twin Wi-Fi attack
Distributed denial-of-service (DDoS) attack
Man-in-the-browser attack