Multi-factor authentication adds a significant layer of security to your online accounts and you should definitely implement it everywhere you can. But, as with every security tool, cybercriminals are working to bypass protections you put in place.
Recently, a novel phishing technique was uncovered by the team at Huntress, a cybersecurity firm that maintains a tool Macktez deploys with our Workstation Management subscription. In short, the scheme they revealed involves an incoming email with an HTML file that tricks the user into using a fake email login page to enter their credentials and MFA code to give the cybercriminal full access to their account.
Does that mean MFA is a waste of time? Have hackers undermined a priority defense?
Well, no! Because what’s “novel” about this technique — the type of malicious payload and how it is used to hijack user credentials — is really beside the point for most people. And what this technique has in common with other phishing schemes makes it entirely ineffective if you are following good email security practices. Namely: never click links in an email that you are not expecting and when you can’t verify the sender.
As always, the weakest link in cybersecurity is a distracted or insufficiently trained user. Exactly how a malicious link is delivered and the technical details of how it works are less important than the fact that someone might click it in the first place.
In order to hone your team’s general skepticism about email links and unsolicited requests, Macktez can provide simulated phishing campaigns and security training resources through our Cybersecurity Awareness Management subscription. Simulated phishing campaigns keep end users on their toes and training videos are great for new employees, annual reinforcement, and even friendly competition among colleagues to build awareness.
And our Workstation Management subscription includes Huntress for endpoint security, automated response, and response team analysis for further review (allowing new threats to be discovered and new protections to be developed).