Protecting small firms from computer disasters
Cart 0

2FA Hacked - Backups Even More Critical

cybersecurity vulnerabilities

Two-Factor Authentication (2FA) is designed to protect you by sending you a text message or calling you when you are logging into a website. It is a minor annoyance, requiring you to take and extra step beyond just entering your username and password.

2FA Hacked

A hacker might obtain your username and password through one of the frequent data breaches we read about, but a hacker doesn't have your phone. 2FA foils hackers by requiring you to enter a code you receive on your phone.

Faked Email

Unfortunately, you can still be tricked by a skillfully faked email into clicking a link to a bad website that imitates a good one. You'd think the hackers would be stymied because they don't have your phone, but they can fool you into entering the 2FA code into their fake login page. From there, they can log into your account on the real website.

Kevin Mitnick, now a good guy / white hat hacker for, published a techie video explaining how this is done. He demonstrates the hack using a LinkedIn account as the target, but it works against just about any website - your bank, your email webpage, your Office 365 account or Google services.

Essential to the hack is tricking you into clicking a link in an email. Hackers use web addresses with subtle typo's, for example, is available for anyone to purchase. It is easy to overlook the "ff" in place of "ft" when you see the link. Once you click on it, everything will look normal but be fake and malicious!

Backups Even More Critical

Despite our best security measures, users can still be fooled. Having in place a backup system is your best fail-safe defense to permanent loss of your emails and files. A cloud backup system can be insulated from whatever havoc may play out in your online accounts and local files.

The people in your office need effective training and practice so that they won't fall victim to the ever-evolving hacker tricks and tools.



Older Post Newer Post

Leave a comment

Please note, comments must be approved before they are published