Hackers can use different methods to steal passwords and compromise our online privacy, but without a doubt one of the most common is phishing. Hackers constantly update their attacks to refine them and make them more robust. In this article we report on a new one that even manages to bypass multi-factor authentication.
A new phishing technique circumvents multi-factor authentication
If we think about the best defense we have against becoming victims of phishing, it is undoubtedly two-step or multi-factor authentication. Basically, it means that entering the password is not enough to log in; an additional second step is required. If the password is stolen, the intruder will still have to enter another code, which we can receive by e-mail, SMS or through certain applications.
What happens with this new phishing method? The problem is that it is able to bypass that multi-factor authentication. In other words, it gets past the best defense we have against this type of threat. It involves getting victims to log in to their accounts, without realizing it, directly on servers controlled by the attacker, using the VNC screen-sharing system.
Until now, attackers could use reverse proxies to obtain those codes and gain access to accounts protected by multi-factor authentication. But security measures now detect this technique and block the logins. Platforms like LinkedIn even deactivate the account after a successful login.
So what does this new technique actually do? Attackers use VNC remote access software, specifically the noVNC program. This application allows users to connect to a VNC server directly from the browser just by clicking on a link. That is where this phishing technique comes into play.
What the attacker does is send the victim a link, for example one that appears to lead to the Google account login. But the victim is actually logging in through the VNC session without realizing it. In this way, a hacker can send targeted phishing emails containing links that automatically launch the browser and log into the attacker’s remote VNC server.
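From the defender's side, the links described above can be screened before a message reaches the user. The following is an added example, not code from the article or from the noVNC project: a mail-triage heuristic that flags URLs pointing at a noVNC browser client. The page names `vnc.html` and `vnc_lite.html` and the parameter names are noVNC's defaults and are assumptions not stated in the article; the sample message and its domains are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Default names from the noVNC project (assumption: not given in the article).
NOVNC_PAGES = {"vnc.html", "vnc_lite.html"}
NOVNC_PARAMS = {"autoconnect", "reconnect", "resize", "view_only",
                "host", "port", "path", "password", "encrypt"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def score_url(url):
    """Return the reasons a URL looks like a link into a noVNC session."""
    parts = urlsplit(url)
    reasons = []
    page = parts.path.rsplit("/", 1)[-1].lower()
    if page in NOVNC_PAGES:
        reasons.append(f"noVNC client page: {page}")
    # Settings may be passed in the query string or in the fragment.
    params = {}
    for raw in (parts.query, parts.fragment):
        for key, values in parse_qs(raw, keep_blank_values=True).items():
            params.setdefault(key.lower(), []).extend(values)
    hits = sorted(NOVNC_PARAMS & params.keys())
    # One generic name such as "path" or "port" proves nothing; require two.
    if len(hits) >= 2:
        reasons.append("noVNC parameters: " + ", ".join(hits))
    if any(v.lower() in ("true", "1") for v in params.get("autoconnect", [])):
        reasons.append("autoconnect: session opens without a click")
    return reasons


def triage_message(body):
    """Map each suspicious URL in a message body to its reasons."""
    findings = {}
    for match in URL_RE.findall(body):
        url = match.rstrip(".,;)")
        reasons = score_url(url)
        if reasons:
            findings[url] = reasons
    return findings


# Constructed sample message; the domains are placeholders.
SAMPLE = """\
Verify your account: https://login.example.test/vnc.html?autoconnect=true&resize=remote
Newsletter: https://news.example.org/article?id=42&path=/home
Portal: https://portal.example.net/session/#autoconnect=1&view_only=0
"""

if __name__ == "__main__":
    for url, reasons in triage_message(SAMPLE).items():
        print(url, "->", "; ".join(reasons))
```

The check only recognizes noVNC's default naming, so a URL that produces no findings is inconclusive rather than cleared.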
How to avoid being a victim of this attack
Although we have seen that this new technique can make phishing more dangerous than ever and get around multi-factor authentication, the truth is that preventive measures do not change at all. We have to do the same things as before to stay protected and avoid problems.
The first thing is common sense. It is essential not to click on any suspicious links that we come across, for example a link that reaches us by email or social networks. We have seen what happens with this technique in particular and what it can mean for our privacy.
It is also important to keep everything up to date. In many cases, this type of attack can take advantage of unpatched vulnerabilities on the computer. This can lead to the entry of malware and the subsequent theft of passwords and account control. It is important to know how to detect when we are victims of phishing.