Safi Bello
Iranian phishers bypass 2fa protections offered by Yahoo Mail and Gmail
Ars Technica ---------- A recent phishing campaign targeting US government officials, activists, and journalists is notable for using a technique that allowed the attackers to bypass two-factor authentication protections offered by services such as Gmail and Yahoo Mail, researchers said Thursday. The event underscores the risks of 2fa that relies on one-tap logins or one-time passwords, particularly if the latter are sent in SMS messages to phones. To learn more click on the picture below to read the article.