Podcast Episode Details

Phishing Attack Targeting Two-Factor Authentication, Amazon Echo Eavesdropping, Netflix Email Scam – WB49

---

---

This is your Shared Security Weekly Blaze for December 31st 2018 with your host, Tom Eston. In this week’s episode: a new phishing attack targeting two-factor authentication, Amazon Echo eavesdropping, and a new Netflix email scam.

Silent Pocket is a proud sponsor of the Shared Security Podcast! Silent Pocket offers a patented Faraday cage product line of phone cases, wallets and bags that can block all wireless signals, which will make your devices instantly untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order. Visit silent-pocket.com to take advantage of this exclusive offer.

Hi everyone, welcome to the Shared Security Weekly Blaze where we update you on the top 3 cybersecurity and privacy topics from the week. These podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.

As this is the last episode in 2018, I wanted to thank all of you for listening and supporting the podcast this year! Happy New Year and we look forward to helping you stay more secure and private in 2019!

A recent report from Amnesty International shows that there is a large phishing campaign taking place targeting hundreds of individuals in the Middle East and North Africa. The campaign seems to be targeting email accounts from Google, Yahoo as well as more secure email services from ProtonMail and Tutanota. In the case of attacks targeting ProtonMail and Tutanota, the attackers simply added the letter ‘e’ to the end of ‘proton’ in the domain name ‘protonmail.ch’ and with Tutanota they used the domain ‘tutanota.org’ when the real domain is ‘tutanota.com’.  While these two techniques are very common with many similar phishing attacks, these are specifically designed to bypass common forms of two-factor authentication such as text message based methods. Essentially, the attackers set up a login page to an email service and in the background some fancy scripting acts as a proxy to the real email service while you enter your login credentials and then your two-factor authentication code sent to your phone. This attack could even work against app based two-factor authentication like Google Authenticator as well.  Mitigations from this type of phishing attack are the typical ones we always recommend like carefully looking at the web address in the email or address bar of your web browser and using a newer but more secure form of two-factor authentication such as a hardware security key from companies like Yubikey and others.

I found it interesting that the details in this report were specifically directed towards human rights defenders because they are almost always targeted by nation state governments through phishing attacks like these. But as we continue to see, what I would call the arms race, between us and attackers using more creative ways to conduct phishing campaigns, it’s more important than ever to take the stance of ‘think before you click’. In fact, phishing attacks, like the ones described in this report,  are becoming so common that it’s advisable to never click on links in an email all together.  Instead, manually type in the web address of the site you’re being prompted to click on.

Edgewise Networks is the first zero trust platform that stops data breaches by allowing only verified software to communicate in your cloud and data cent

---

Published on 7 years ago