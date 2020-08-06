Attackers bypass multi-factor authentication to hijack email accounts
Thursday, 6 August 2020 () Researchers at Abnormal Security have detected an increase in business email compromise attacks that successfully compromise email accounts despite the use of multi-factor authentication (MFA) and Conditional Access. This is possible because legacy email protocols, including IMAP, SMTP, MAPI and POP, don't support MFA. In addition many common applications -- such as those used by mobile email clients (for example, iOS Mail for iOS 10 and older) -- don't support modern authentication. A common pattern in account takeovers is that after being blocked by MFA an attacker will immediately switch to using a legacy application. In fact, most credential stuffing campaigns… [Continue Reading]
