A devious, new phishing technique allows adversaries to bypass multi-factor authentication (MFA) by secretly having victims log into their accounts directly on attacker-controlled servers using the VNC screen sharing system.
Even more dangerous, this technique will bypass MFA as the user will enter the one-time passcode directly on the attacker's server, authorizing the device for future login attempts.
As for how to protect yourself from these types of attacks, all the phishing advice remains the same: do not click on URLs from unknown senders, inspect embedded links for unusual domains, and treat all email as suspicious, especially when it prompts you to login to your account.
Or you could use Wave VSC 2.0 (MFA), and protect against this devious phishing method!! ================================================================= Better security at less than half the cost!!
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.