Heightened MFA Use Pushes Hackers To Devise New Phishing Tactics To Beat MFA

Multi-factor authentication (MFA) is the new hotness in terms of keeping yourself secure. But not so fast. In a new report published today by Proofpoint, researchers warn that phishing actors are coming up with new ways to bypass MFA. The increased use of MFA, given the pandemic and the migration to WFH, has pushed threat actors to use transparent reverse proxy solutions, and to cover the rising demand, reverse proxy phish kits are being made available for purchase.

Key takeaways from the report include:

  • As multi-factor authentication becomes a standard security practice, phish kits are evolving with the times to steal these tokens and bypass this trusted layer of security.
  • Threat actors are using phish kits that leverage transparent reverse proxy, which enables them to man-in-the-middle (MitM) a browser session and steal credentials and session cookies in real time.
  • It is likely that more threat actors will turn to these MitM phish kits, making security increasingly difficult for defenders.

Aimei Wei, Founder and CTO of Stellar Cyber, has this to say:

“Hackers are evolving quickly in response to security defense measures such as MFA. While the security industry prepares to deal with this blind spot, people should always be vigilant about the email or website before clicking a link or logging in to a website.”

If this concerns you, and it should, then one of the mitigation strategies that you might want to consider is passwordless authentication. A number of companies are bringing this technology to market, or have already brought this technology to market. Thus it might be an option for your enterprise.
