Scammers can easily phish your multi-factor authentication codes – here’s how to avoid it


More and more websites and services are making multi-factor-authentication (MFA) mandatory, which makes it much harder for cybercriminals to access your accounts. That’s a great thing. But as security evolves, so do cybercriminals who are always looking for new ways to scam us.

A type of phishing we’re calling authentication-in-the-middle is showing up in online media. While these techniques, named after man-in-the-middle (MitM) attacks, have existed for a while, they appear to be gaining traction now.

Read more…
Source: Malwarebytes labs


Sign up for our Newsletter


Related:

  • The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider

    April 18, 2024

    In late 2021, LabHost (AKA LabRat) emerged as a new PhaaS platform, growing over time to eventually offer dozens of phishing pages targeting banks, high-profile organizations, and other service providers located around the world, but most notably in Canada, the US, and the UK. The popularity of the platform meant that at the time of the ...

  • Police bust global cyber gang accused of industrial-scale fraud

    April 18, 2024

    Police have taken down a gang accused of using a technology service that helped criminals use fraudulent text messages to steal from victims. They have arrested 37 people worldwide and are contacting victims. Officers say younger people who grew up with the internet were the most likely to fall for the “phishing” scam. The technology allowed ...

  • Cisco Duo says a third-party data breach stole MFA SMS logs

    April 16, 2024

    Cisco Duo has confirmed some sensitive customer data was stolen after a third-party cyber-incident. In a breach notification letter sent to affected customers, Cisco Duo said that its telephony provider, which it didn’t name, was compromised on April 1 2024. Unidentified threat actors mounted a phishing attack against the third party, through which they stole login ...

  • SteganoAmor campaign: TA558 mass-attacking companies and public institutions all around the world

    April 15, 2024

    Researchers from the Positive Technologies Expert Security Center discovered more than three hundred attacks worldwide, which they confidently attributed to the well-known TA558 group. As originally described by researchers at ProofPoint, TA558 is a relatively small financially motivated cybercrime group that has attacked hospitality and tourism organizations mainly in Latin America, but has also been identified ...

  • Russian businesses targeted by novel ransomware gang

    April 10, 2024

    Attacks with a Conti ransomware code-based backdoor have been deployed by the new Muliaka ransomware operation against businesses across Russia since at least December, according to The Record, a news site by cybersecurity firm Recorded Future. Windows systems and VMware ESXi infrastructure of one Russian company had been compromised with the malware after Muliaka had infiltrated ...

  • ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins

    April 8, 2024

    Last year, FortiGuard Labs uncovered the 8220 Gang’s utilization of ScrubCrypt to launch attacks targeting exploitable Oracle WebLogic Servers. ScrubCrypt has been described as an “antivirus evasion tool” that converts executables into undetectable batch files. It offers several options to manipulate malware, making it more challenging for antivirus products to detect. FortiGuard Labs recently discovered a ...