Facebook 2FA phish arrives just 28 minutes after scam domain created
The crooks hit us up with this phishing email less than half an hour after they activated their new scam domain.
MFA reduces account takeover by requiring another proof of identity, limiting damage from stolen passwords; protect fallback and recovery paths too.
Search across headline titles and summaries.
Background for this topic.
MFA requires a user to prove identity with at least two different factor types: something they know, have, or are. It limits account takeover when a password is exposed, but protection depends on the factors and their implementation; two passwords are not independent factors, and a one-time code delivered by SMS is generally weaker than a phishing-resistant credential.
Attackers may steal or relay one-time codes through phishing, trigger repeated push prompts to induce approval, exploit weak enrollment or account-recovery processes, or hijack an authenticated session after MFA succeeds. Prefer phishing-resistant methods such as FIDO2/WebAuthn security keys or platform credentials for sensitive access, protect enrollment and recovery as strongly as login, restrict weaker fallbacks, and monitor unusual authentication activity. MFA reduces risk but does not replace endpoint, session, or privileged-access controls.
The crooks hit us up with this phishing email less than half an hour after they activated their new scam domain.
CISA has urged government agencies and private sector organizations using Microsoft's Exchange cloud email platform to expedite the switch from Basic Authentication legacy authentication methods without multifactor authentication (MFA) support to Modern Authentication alternatives. [...]
A new Android banking malware named Revive has been discovered that impersonates a 2FA application required to log into BBVA bank accounts in Spain. [...]
A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim's authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into stolen accounts. [...]