In order to acquire unauthorized access to a network, threat actors are constantly on the lookout for vulnerabilities. In their current phishing attempt, they have adapted their techniques to avoid two-factor authentication (MFA), which has become increasingly popular.
The notion of multi-factor authentication (MFA) was first proposed in the form of RSA tokens in the year 1986. Since then, it has gained significant acceptance in both the commercial and consumer worlds, respectively.
Following the release of a research from Duo, an authentication solutions provider, over 78 percent of respondents indicated that they have implemented 2FA/MFA authentication in 2021, up from only 28 percent in 2017.
As multi-factor authentication (MFA) continues to gain wider acceptance, phishing kits designed to circumvent this trusted layer of security are becoming increasingly popular among cybercriminals.
Three phishing kits, in particular, have been identified by Proofpoint researchers as having seen an increase in usage recently: Modlishka, Muraena/Necrobrowser, and Evilginx2.
To circumvent multi-factor authentication, criminals will use new strategies like these MitM phishing attempts, which are becoming increasingly common as more firms layer their protection.
Finally, organizations need to evolve rapidly with growing trends in unexpected ways and take unexpected turns. Also, security programs should be in place to deal with blind spots like this.
…Be Cyber Alert ⚠️