<ul><li>Phishing attacks are becoming increasingly sophisticated and can now bypass some common forms of multifactor authentication (MFA), making it easier for attackers to gain unauthorized access to accounts.</li><li>MFA typically requires an additional authentication factor beyond a password, such as a fingerprint scan or a one-time passcode sent via text or email. However, tools like Tycoon 2FA and Rockstar 2FA are being used by criminals to defeat these MFA protections.</li><li>The adversary in the middle attack technique is being employed to bypass MFA. This has led to the creation of phishing-as-a-service toolkits like Evilproxy and Greatness, making it easier for non-technical users to create sites that can defeat account protections.</li><li>The growing ecosystem of tools designed to circumvent MFA highlights the importance of continuously evolving security measures to stay ahead of cyber threats in an increasingly digital world.</li></ul>

Phishing attacks that defeat MFA are easier than ever. So what are we to do?

Discover more