Phishing attack against Hotmail accounts
A Phishing attack uses a bait, a trick, to get us to click on a link. For example, they can say that there is a problem with the account, that we must update data, etc. When we click on that link, we are not actually going to the official site, but we are entering a fake page, created to steal data. Upon login, the victim sends the password to the attacker.
But in this case we are facing an attack that goes a little further. According to security researchers at Zscaler, they have discovered a campaign that targets Microsoft emails and uses a technique called AITM to bypass multi-factor authentication. What this type of technique does is avoid having to put that second step to enter.
What does the two-step authentication is to create an extra layer of protection. Beyond a password, for example to enter the mail we have to put a code that we receive by SMS. But of course, if hackers manage to skip that step, simply by knowing the access key they could get in.
It all starts with an e-mail sent to the victim. That’s the key of everything. If the user falls for the trap and interacts with that email, the attack begins. He has to click and continue the process. But the difference is that this type of AiTM technique allows the attacker to stand between the user’s device and the target service. It acts as a proxy. This way he can steal the session cookies and he doesn’t have to re-validate the account when logging in, so he won’t have to put in that second step.
What to do to avoid this attack
As you can see, Phishing attacks are becoming more sophisticated and they can also break multi-factor authentication. However, the security measures you should take are basically the same as always: common sense and avoid making mistakes. This is the main thing. Don’t click or log in from unknown links that come to you by email.
It is also a good idea to have security programs. Although an antivirus by itself may not help you protect yourself from Phishing, in the event that you download a file that could be dangerous, it would help you detect and eliminate it before it is too late.
Also, keep the updated equipment correctly can help and be very helpful. You will be able to correct possible vulnerabilities that may exist and thus prevent hackers from exploiting them.
In short, Phishing is a major problem and it is convenient to know when a link is dangerous. That will help you avoid many hacks that steal your passwords and cause your devices to start malfunctioning.