It seems that not even strong 2-factor authentication methods are safe from human error. If someone possesses your phone number and username, they can devise a scenario in which they first log in to a website, which triggers a verification code sent to your phone. The attacker then follows up with an SMS message asking the user to forward the recently sent verification code to “validate that the phone is linked to the account”. The research demonstrates that 25% of test subjects forwarded the verification code.
This demonstrates that continuously monitoring user activity is a MUST. Micro Focus helps monitor the use of credentials and alert operators to anomalous behavior. Detect breaches in your network faster with our Security Monitoring portfolio.
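One way to act on the monitoring point above is to flag SMS-verified logins completed from a device the account has never used, which is where a forwarded code ends up being entered. This is an added example, not Micro Focus code; the event names, fields, `find_suspicious_2fa` and the sample records are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample events; event names and fields are assumptions.
EVENTS = [
    {"ts": 100,  "user": "alice", "event": "sms_code_sent", "device": "dev-A"},
    {"ts": 125,  "user": "alice", "event": "sms_code_ok",   "device": "dev-A"},
    {"ts": 300,  "user": "bob",   "event": "sms_code_sent", "device": "dev-B"},
    {"ts": 320,  "user": "bob",   "event": "sms_code_ok",   "device": "dev-B"},
    # Code requested from an unfamiliar device and entered minutes later.
    {"ts": 5001, "user": "alice", "event": "sms_code_sent", "device": "dev-X"},
    {"ts": 5240, "user": "alice", "event": "sms_code_ok",   "device": "dev-X"},
    {"ts": 9000, "user": "alice", "event": "sms_code_sent", "device": "dev-A"},
    {"ts": 9020, "user": "alice", "event": "sms_code_ok",   "device": "dev-A"},
]


def find_suspicious_2fa(events, known_devices=None):
    """Flag SMS-verified logins completed from a device new to the account."""
    known = defaultdict(set)
    for user, devices in (known_devices or {}).items():
        known[user].update(devices)
    code_sent_at = {}  # (user, device) -> time the code was issued
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["user"], ev["device"])
        if ev["event"] == "sms_code_sent":
            code_sent_at[key] = ev["ts"]
        elif ev["event"] == "sms_code_ok":
            trusted = known[ev["user"]]
            if trusted and ev["device"] not in trusted:
                sent = code_sent_at.get(key)
                alerts.append({
                    "user": ev["user"],
                    "device": ev["device"],
                    "ts": ev["ts"],
                    # Time between issuing and entering the code, for triage.
                    "seconds_to_enter": None if sent is None else ev["ts"] - sent,
                })
                # Not added to the baseline: an operator must confirm it first.
            else:
                trusted.add(ev["device"])  # first-ever login or known device
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_2fa(EVENTS):
        print(alert)
```

A flagged device is deliberately kept out of the trusted set, so a repeat login from it alerts again until an operator reviews it.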
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.