TECH NEWS – New phishing tools have emerged that can compromise Google and Microsoft accounts, even if they have 2FA (two-factor authentication) enabled…

The Tycoon 2FA Phishing-as-a-service (PhaaS) platform is linked to a toolkit acquired by several hackers, according to the Sekoia Threat Detection & Research team. It first appeared on private Telegram channels using the Adversary-in-the-Middle phishing kit. A reverse proxy server hosts the data-stealing page and services the collected data.

The attack starts by receiving an email with a QR code or a web page that redirects to the phishing site. Interaction with the code or link triggers the Cloudflare security checker, which handles the unwanted traffic. These checks are so common these days that victims do not take them seriously due to habituation. Once the security challenge is completed, we are redirected to a fake Microsoft page where we enter our details, the toolkit throws up a fake 2FA command on our phone, and from there we helplessly let our account be stolen. Gmail accounts can also be easily hijacked this way.

If the email in question is received on a PC, it is always best to check the link by hovering over it so that the browser can tell you where the link is pointing. And when it comes to QR codes, only open those from trusted sources, and you’re much less likely to be targeted by hackers. Of course, the world is not just about us, but we can have our unsuspecting moments and get into trouble too.

Internet hacking is rampant these days, and there are attackers out there who want to get our banking information. When serious money is at stake, what the perpetrators do is no joke.

Source: WCCFTech, Sekoia