MFA under fire, attackers undermine trust in security measures

In this Help Net Security video, Renée Burton, Head of Threat Intelligence at Infoblox, discusses MFA attacks.

MFA adds security to online accounts, but MFA lookalikes are a real threat to consumers and enterprises. Consumers have come to trust MFA, but attackers can now get in the middle and take over accounts.

Fake MFA domain attacks have heightened greatly in the last 15 months, aided by a cheap toolkit available on the dark market to implement an adversary-in-the-middle (AiTM) attack at scale quickly.

Infoblox data over the last five years has consistently shown a trend in phishing toward strategic aging, with over 30% of domains being first observed in campaigns more than three days after registration to avoid detection.