Cybersecurity Experts Comment on Phishing Campaign That Can Bypass MFA

Cofence Phishing Defence Center have discovered yet the latest of cybercriminals’ tricks: a phishing campaign that bypasses MFA. Different from other credential harvesting attacks, the scam attempts to trick users into granting permissions to an application that then proceeds to bypass multifactor authentication. Leveraging the OAuth2 framework and OpenID Connect protocol, this campaign’s main goal is to steal user information […]