Phishing attacks can be automated through a new penetration testing tool published by security researcher Piotr Duszyński. Modlishka is the name of the tool and it can bypass login operations for accounts protected by two-factor authentication (2FA).

Don Duncan, Security Engineer at NuData Security:

“While cybercriminals can get past two-factor authentication (2FA), this should only be one piece in the authentication stack and not the only one. This is why companies are using multi-layered authentication tools that can verify the legitimacy of a transaction from different angles. This way, if one of the layers is fooled by a bad actor, the other layers or tools can flag that activity. It is this in-depth defense that allows companies to provide an exceptional experience for customers while cutting out cybercriminals.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.