Source: http://gizmodo.com/the-nsa-disguises-itself-as-google-to-spy-1305996203
It's come to light that the NSA has impersonated Google—and possibly other big websites—in order to intercept, store, and read supposedly secure online communications.
Mother Jones reports that the agency managed this by using "man-in-the-middle (MITM)" attacks, which are often used by high-class hackers. PowerPoint slides made public by a Brazilian news channel also suggest the technique is used by the UK-based GCHQ. Mother Jones describes how the hack works:
According to the document, NSA employees log into an internet router—most likely one used by an internet service provider or a backbone network. (It's not clear whether this was done with the permission or knowledge of the router's owner.) Once logged in, the NSA redirects the "target traffic" to an "MITM," a site that acts as a stealthy intermediary, harvesting communications before forwarding them to their intended destination.