Author: Markus Jakobsson

There are countless ways to carry out a cyber attack, but for the vast majority the key is deception – typically involving identity deception in which the attacker poses as a trusted party to the intended victim. With cyber criminals constantly on the prowl to capture passwords and other credentials, two-factor authentication (2FA) has become one of the most widely accepted backup verifications for many services and companies. While various 2FA methods are available, the humble SMS text message has emerged as a favourite as it is incredibly ubiquitous and easy to understand. Nevertheless, SMS also contains a number of…

The next 12 months will see major developments in the arms race between cyber attackers and security defenders as they continue to try to stay ahead of each other. Much of the cyber battle will revolve around the creation of new malware and defensive technology, but one of the defining factors of 2018 will be the increased use of advanced social engineering. As high-level techniques begin to trickle down through the criminal community, I anticipate a smarter use of available data and deceptive tactics designed to trick targets and evade security measures. Increased Use of Multi-Factor Social Engineering Criminals have…