This site has a pretty good explanation of a Man-In-The-Middle attack and different ways of doing this.
Man-in-the-middle Attack
This page explains how SSL might not always prevent man-in-the-middle attacks:
SSL not preventing man-in-the-middle attacks
Computer Weekly says RSA warns of more man-in-the-middle attacks as of August 15, 2007 due to free phishing kits being circulated:
Man-in-the-middle on the rise
I suggest the federal government puts out a free phishing tool - that sends the phishers details to the FBI.
This page suggests Firefox extensions are subject to Man-In-The-Middle attacks:
Firefox Man-In-The-Middle vulnerability
What we need are some good patterns out there to prevent this type of thing at all levels - network, application, and server configuration.
Also what is the fastest way to spot a man-in-the-middle attack?