Real-time attacks and man-in-the-middle techniques are being used to bypass two-factor authentication (2FA) technology.
Research by Trusteer found that in a real-time phishing attack, the user enters details onto a phishing website which captures the banking credentials and authentication information. The stolen credentials are then immediately used to open a session on the real bank website to commit a fraud.
It said that phishing attacks to date have been completely static, as traditionally the victim reaches a phishing website, submits their login credentials which are then stored for later use by cyber criminals. The introduction of strong two-factor authentication systems, especially one-time passwords, rendered these attacks useless, as fraudsters could not use static stolen credentials to commit fraud.
Even though one-time passwords (OTP) are limited in time and if fraudsters managed to capture OTP data, there is only a small window for them to be used. However Trusteer claimed that cyber criminals have not given up.
Mickey Boodaei, CEO of Trusteer, said: “Recently we have noticed an increase of a type of attack called man-in-the-middle phishing or, real-time phishing. The concept is not a new one and is well known in the security world; however up until now, we have not seen too many attacks like this. The recent escalation of websites now experiencing this type of attack is a cause for immediate concern.
“With real-time phishing, OTPs are becoming useless. There is no update or improvement to OTP that can defeat real-time phishing. The best form of defence is to implement dynamic layers of security, including browsing security, that can adapt to and block new threats.”