New phishing technique intercepts two-step verification

New phishing technique intercepts two-step verification

New phishing technique intercepts two-step verification Hoogma Webdesign Beerta
Leo Hoogma - Hoogma Webdesign Beerta

Written by:
, 5 June 2024

E-mail Leo Hoogma Linkedin Facebook

If you often use two-step verification (2FA) or MFA (Multi Factor Authentication), then you are consciously concerned with online security. But here too, you still have to pay attention! Scammers can easily "catch" your multi-factor authentication codes. We would be happy to tell you more about this.

How can scammers find out your multi-factor authentication?
When you as an unsuspecting user are led to a phishing site, for example via a banner on social media or through a hacked website, you will at first glance see a neat website, for example from a bank , email provider or social media platform. When you enter your user details on this fake site, the data is forwarded by cyber criminals to the real site without you noticing. You will then be asked to complete the TFA step, for example by entering a code or accepting a push notification. This information is also forwarded to the criminals, giving them access to the real site.

Once the criminals have access to an account, they can change settings such as the email address, phone number and password, preventing you from having access, or they can simply empty your bank account. This is why many platforms ask for your PIN or other authentication again when changing important settings.

have you fallen victim to clicking on a phishing link? To compress! But put your shame aside. It is always important to report this quickly to an IT specialist to prevent worse! Read here more about the importance of acting quickly in phishing.

How can you protect yourself against Man in the Middle (MITM) attacks?

Stay alert - Knowing how scammers operate is the first step in avoiding them. Don't blindly trust sponsored search results and if something seems suspicious, it probably is.
Use security software - A security program such as , blocks known phishing sites. Many phishing domains only exist for a short time, a good security program, such as ESET Antivirus & Security, is on top of this.
Use a password manager - Password managers fill a password Don't automatically log into a fake site even if it seems genuine.
Consider passkeys - Multi-factor authentication remains very important and protects against many types of attacks, so keep using it. However, authentication-in-the-middle attacks only work with certain types of MFA, and passkeys will not allow cybercriminals to log into your account this way. Many services have already started using passkeys, and this will undoubtedly continue to evolve.
Use a secure browser - Currently, Brave is one of the most secure browsers available. Advertisements and trackers that endanger your privacy are automatically blocked. Your data will not be stored by third parties and you will be protected against browser fingerprinting.

Need help with internet or email related matters? Go to Hoogma Webdesign
We have more than 20 years of experience in the field of safe internet and email, and we are still learning every day. We are happy to help you find the answer to your questions in this area. Email to support@hoogmawebdesign or call 0597-855758

Would you like to read more blog posts? Go to the page Blog.

Partner of:
  • 24/7 Bestellen Beerta Hoogma Webdesign Beerta
  • Partner van Mollie  Hoogma Webdesign Beerta
  • Partner van Laposta  Hoogma Webdesign Beerta
  • Voys  Hoogma Webdesign Beerta
  • Partner van ESET  Hoogma Webdesign Beerta
New phishing technique intercepts two-step verification - Hoogma Webdesign Beerta

New phishing technique intercepts two-step verification

5 June 2024 - If you often use two-step verification (2FA) or MFA (Multi Factor Authentication), then you are consciously concerned with online security. But here too, you still have to pay attention! Scammers can... read more »

Accidentally clicked on a phishing link, what now? - Hoogma Webdesign Beerta

Accidentally clicked on a phishing link, what now?

3 June 2024 - One of the biggest challenges in combating phishing attacks is that employees are reluctant to admit that they have clicked on a phishing link. There are several reasons why this happens, such as... read more »

Contact via Whatsapp

This website works best if you accept cookies for social media and statistics.