- Reverse Phishing Proxies Becoming a Standard Approach, Neutralizing Most Multi-Factor Authentication (MFA)
- Malware, phishing and social engineering techniques make methods for bypassing multi-factor authentication more common
Seoul, South Korea-based F5 today announced that its recently released "2023 Privacy Threat Report" reveals that threats to digital identity are persistent and evolving at a rapid pace. The report focuses on three threats that have the greatest impact on digital privacy: credential stuffing, phishing, and multi-factor authentication (MFA) bypass.
Across all sectors, the report found that credential stuffing accounted for an average of 19.4 percent of protected traffic in the sampled organizations, dropping to 6 percent after mitigations were implemented. Mobile endpoints are generally more likely to be proactively mitigated through automation than web endpoints, and organizations in the travel, telecom, and technology sectors experience higher rates of credential stuffing than other sectors.
As the phishing industry has matured with the proliferation of phishing tools and services, the technical sophistication and cost of phishing have decreased. In particular, phishing attacks target financial organizations and organizations that support large-scale single sign-on, such as Microsoft, Facebook, Google, and Apple. Reverse phishing proxies, also known as real-time phishing proxies or man-in-the-middle (MITM) phishing, are now a standard approach and can bypass most multi-factor authentication by harvesting session cookies.
Multi-factor authentication bypass techniques are now more common as strategies based on malware, phishing, and other social engineering vectors gain traction. Technologies based on public key cryptography, such as the FIDO2 suite, are showing greater resistance to multi-factor bypass techniques.
The F5 Labs 2023 Privacy Threat Report provides neutral recommendations for the average organization to mitigate digital privacy threats, based on an analysis of 320 billion data transactions from 159 companies and organizations from March 2022 to April 2023.