Scammers can easily phish your multi-factor authentication codes – here’s how to avoid it

More and more websites and services are making multi-factor-authentication (MFA) mandatory, which makes it much harder for cybercriminals to access your accounts. That’s a great thing. But as security evolves, so do cybercriminals who are always looking for new ways to scam us.

A type of phishing we’re calling authentication-in-the-middle is showing up in online media. While these techniques, named after man-in-the-middle (MitM) attacks, have existed for a while, they appear to be gaining traction now.

Read more…
Source: Malwarebytes labs

Sign up for our Newsletter


  • The Hidden Danger of PDF Files with Embedded QR Codes

    July 3, 2024

    The SonicWall Capture Labs threat research team has been observing PDF files with QR codes being abused by malware authors to deceive users for a long time. QR codes are increasingly popular due to their versatility and ease of use. Beyond payments and feedback, QR codes have a wide range of applications across various industries such ...

  • Apple IDs Targeted in US Smishing Campaign

    July 2, 2024

    Phishing actors continue to target Apple IDs due to their widespread use, which offers access to a vast pool of potential victims. These credentials are highly valued, providing control over devices, access to personal and financial information, and potential revenue through unauthorized purchases. Additionally, Apple’s strong brand reputation makes users more susceptible to trusting deceptive communications ...

  • Social Engineering Tactics Targeting Healthcare & Public Health Entities and Providers

    June 24, 2024

    Access to employees’ email accounts, and then pivoted to specifically target login information related to the processing of reimbursement payments to insurance companies, medicare, or similar entities. To gain initial access to victim networks, the threat actor acquired credentials through social engineering or phishing. In some observed instances, the threat actor called an organization’s IT Help ...

  • LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations

    June 19, 2024

    LevelBlue Labs recently discovered a new highly evasive loader that is being delivered to specific targets through phishing attachments. A loader is a type of malware used to load second-stage payload malware onto a victim’s system. Due to the lack of previous samples observed in the wild, LevelBlue Labs has named this malware “SquidLoader,” given its ...

  • Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework

    June 19, 2024

    In early April, Trend Micro researchers discovered that a new threat actor group (which they call Void Arachne) was targeting Chinese-speaking users. Void Arachne’s campaign involves the use of malicious MSI files that contain legitimate software installer files for artificial intelligence (AI) software as well as other popular software. The malicious Winos payloads are bundled alongside ...

  • Hackers are using fake Chrome, Word and OneDrive errors to trick people into installing malware

    June 17, 2024

    Proofpoint has observed an increase in a technique leveraging unique social engineering that directs users to copy and paste malicious PowerShell scripts to infect their computers with malware. Threat actors including initial access broker TA571 and at least one fake update activity set are using this method to deliver malware including DarkGate, Matanbuchus, NetSupport, and various ...