With credential theft making up a large portion of phishing attacks, many organizations wisely turn to MultiFactor Authentication (MFA) to protect the credentials of their employees. Attackers, however, are upping their game to continue gaining access to corporate accounts. Cofense Threat Analyst Elmer Hernandez joins us this week to discuss a particular attack observed by Cofense that leverages OAuth2 and OpenID Connect instead of passwords. Learn more OAuth2 Attack Bypasses MFA Google Docs Scam Questions or comments? Reach us at [email protected] Discover how phishing awareness training can help your organization defend against changing phishing threats.

The post Phish Fryday – OAuth2 Phishing Attacks appeared first on Cofense.

Phish Fryday – OAuth2 Phishing Attacks was first posted on June 5, 2020 at 12:10 am.
©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at [email protected]