Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing
Summary
Cybercriminals are shifting their tactics from traditional 2FA phishing to a more sophisticated method known as device code phishing. This new technique exploits a service's legitimate new-device login flow to trick victims into inadvertently providing their account access credentials.
IFF Assessment
FOE
Attackers are evolving their phishing techniques to bypass multi-factor authentication, making it harder for defenders to protect user accounts.
Defender Context
Defenders need to be aware of this evolving phishing trend and educate users about the risks of entering device verification codes or confirming login requests from unfamiliar devices. Organizations should also explore technical controls that can detect or flag suspicious login flows.