We’ve written several blogs this year about the pros and cons of two-factor authentication (2FA). First, discussing how it is a best practice and just one part of a layered phishing defense. Then outlining 4 phishing attack techniques that can bypass or defeat 2FA. A recent article from Fortune entitled Hackers Can Now Bypass Two-Factor Authentication With a New Kind of Phishing Scam includes a 40-minute video demonstrating how hackers are using tools called Muraena and NecroBrowser to break through 2FA. We thought this information was worth passing on since these tools are enabling lower-skilled hackers to execute phishing attacks that penetrate 2FA. While 2FA is still a valuable step in protecting an organization from phishing attacks, the threat landscape continues to evolve and bad actors continue to create ways to outmaneuver conventional security methods.
As an anti-phishing specialist, SlashNext has pioneered a new, unique architecture that employs cloud-based Session Emulation and SEER™ threat detection technology for phishing detection that works faster and more effectively than traditional domain reputation and URL inspection technologies.
SlashNext Real-Time Phishing Threat Intelligence covers all six major categories of phishing and social engineering threats. It offers intelligence that helps security teams better understand and protect their organization from sophisticated, zero-hour phishing attacks.
See what phishing threats you’re missing. Contact us for a demo or try SlashNext Real-Time Phishing Threat Intelligence free for 15 days.