More and more websites and services are making multi-factor-authentication (MFA) mandatory, which makes it much harder for cybercriminals to access your accounts. That’s a great thing. But as security evolves, so do cybercriminals who are always looking for new ways to scam us.
A type of phishing we’re calling authentication-in-the-middle is showing up in online media. While these techniques, named after man-in-the-middle (MitM) attacks, have existed for a while, they appear to be gaining traction now.
Read more…
Source: Malwarebytes labs
Related:
- This Phishing Attack is Almost Impossible to Detect On Chrome, Firefox and Opera
April 17, 2017
A Chinese infosec researcher has discovered a new “almost impossible to detect” phishing attack that can be used to trick even the most careful users on the Internet. He warned, Hackers can use a known vulnerability in the Chrome, Firefox and Opera web browsers to display their fake domain names as the websites of legitimate services, ...
- Personalized spam campaign targets Germany
March 20, 2017
A spam campaign Symantec observed in January 2017 targeting people who live in Germany appears to be, once again, using detailed, real personal information to enhance the believability of the messages. Victims who open the message attachments are likely to have their Windows computers infected with malware that steals banking information. First seen in the UK Symantec ...
- Government Cybersecurity Contractor Hit in W-2 Phishing Scam
March 17, 2017
Just a friendly reminder that phishing scams which spoof the boss and request W-2 tax data on employees are intensifying as tax time nears. The latest victim shows that even cybersecurity experts can fall prey to these increasingly sophisticated attacks. On Thursday, March 16, the CEO of Defense Point Security, LLC — a Virginia company that ...
- Social Media Phishing Rose 500% in 2016 Q4
February 9, 2017
Throughout 2016, social media phishing attacks have climbed 500%, a new Proofpoint research reveals. The data includes cases of angler phishing, where attackers intercept customer support channels on social media in their attempt to steal people’s credentials, which proved to be the most common among financial services, but also entertainment accounts. According to Proofpoint’s Quarterly Threat ...
- Netflix Users Under Attack As Hackers Try to Steal Credit Card Info
January 10, 2017
Security company FireEye detected a new wave of attacks aimed at Netflix users, with cybercriminals now turning to phishing schemes in order to steal their personal information, including credit card data, social security numbers, and other details. Although it seems that the attacks have been suspended, Netflix users in the United States should always keep an ...