I will be taking a class soon on internet security and was asked the other day this question and I couldn't confidently answer the question:
A cracker who has phished information about you has discovered the ISP that you are using and your public ip address. Let say you are sending unencrypted email to an external smtp server, how would a cracker intercept the traffic and analyze it? how would that be done from the crackers computer?
Several different ways, including, cracking your computer's hosts, resolv.conf, or SMTP client configuration files so that it uses the cracker's computer as the SMTP server. It then relays that email to the server you want to send it to.