Kaspersky Reveals Advanced Phishing Techniques Passing Two-Factor Authentication (2FA)

The display of examples of banking phishing sites (photo: Kaspersky)

JAKARTA - Kaspersky is exposing the advanced evolution of the latest phishing techniques used by cybercriminals to bypass two-factor authentication (2FA), an important security measure designed to protect online accounts.

This 2FA feature is intended to add extra security layers to protect user accounts even if their passwords are compromised. However, fraudsters have developed a way to trick users, so they can bypass 2FA protection.

The OTP bot is a tool used by fraudsters to intercept OTP through social engineering techniques. Usually, attackers try to get user login credentials via phishing or data leakage.

Social engineering can be very complicated, especially with the use of OTP bots that can mimic real calls from legitimate service or organization representations, "said Olga Svistunova, security expert at Kaspersky in a report received on Monday, June 10.

Then log in to the account, triggering the OTP to be sent to the user's cellphone. After that, the OTP bot will call the user, pretend to be a representative of a trusted organization, and persuade the victim to share the OTP.

Finally, once the attacker receives the OTP via the bot, they will use it to gain access to the victim's account.

Kaspersky also found that these scammers manage OTP bots through dedicated online panels or message delivery platforms like Telegram. This bot comes with various subscription features and packages.

Kaspersky research shows the significant impact of these phishing and OTP bot attacks. From March 1 to May 31, 2024, the company's products prevented 653,088 attempts to visit sites generated by phishing devices targeting the banking sector, whose data is often used in attacks with OTP bots.

In the same period, Kaspersky's technology detected 4,721 phishing pages generated by kits aimed at passing through two-factor authentication in real-time.

Therefore, Kaspersky emphasized that it is important to remain vigilant and follow the best security practices.