Mamba 2FA significantly increases phishing threats

Phishing remains an unabated threat to organizations. The new Mamba 2FA threat has recently made several organizations victims. Peter LaHousse explains cybercrime.info explains what this new form of phishing means: “Mamba 2FA is a phishing-as-a-service platform that specifically focuses on circumventing two-factor authentication (2FA) with Microsoft 365 accounts. In doing so, attackers have found a new way to intercept not only login details, but also 2FA tokens. This allows attackers to access sensitive information even when 2FA is enabled.”

Is phishing still recognisable with the naked eye?

Preventing phishing is critical to the cyber security of any organization. The most common phishing method to steal or intercept login details is still an email combined with a fake login page. This includes Mamba 2FA, where you are redirected to a fake Microsoft login page. Nowadays, these phishing emails and fake login pages are barely distinguishable from the real thing. Partly through the use of AI.

When a phishing email is at first glance indistinguishable from the real thing, can you actually still recognize a phishing email? The answer is yes, but more and more often it is only for the very attentive employee who discovers that one of the following two points is fake and therefore untrustworthy:

1. Sender's mail address
2. Link in the mail to a (login) page
   ‍

The problem is that even a fake email address and a fake URL are increasingly indistinguishable from the real thing and are not always caught by the mail filter. A URL to a fake login page often looks like the URL of the real login page. Example:

• FAKE: login.micro-soft-online.com
• REALLY: login.microsoftonline.com
  ‍

When a realistic phishing email slips through the mail filter and ends up in the mailbox, the chance that at least one employee will unintentionally click on it and enter login details is huge. On a busy working day with an overcrowded mailbox, a mistake is easily made. Despite all the well-intentioned periodic phishing tests and training courses. And that is exactly what attackers who use Mamba 2FA are also responding to.

MindYourPass's smart URL recognition protects against phishing and Mamba 2FA

Does a user fall for a phishing email aimed at stealing login details, such as Mamba 2FA? Don't worry, MindYourPass protects against this common form of phishing. This is because our innovative password manager uses six factors to calculate your password. One of those factors is the URL of the website where you log in.

Does the URL differ and therefore appears to be fake? Then MindYourPass will not enter your password and it will remain out of the hacker's hands. Instead of the employee having to check the URL for authenticity, MindYourPass does that. That's what we call smart URL recognition.

‍

Thanks to MindYourPass, you are no longer solely dependent on the alertness of employees. MindYourPass automatically recognizes when the URL of a fake login page differs from the URL of the real website. In doing so, MindYourPass prevents employees from entering their passwords (or having them enter) on the counterfeit phishing login pages.

For example, MindYourPass's smart URL recognition prevents login details from falling into the hands of cybercriminals.

‍