We all know that using multi-factor authentication (MFA) is a good way to help keep your business data secure, right? It adds an extra layer of security to your accounts, as you need your password AND a code to log in.
Well, here’s some worrying news: Cyber criminals have recently been finding ways to get around MFA.
How are they doing it?
When you log in to your email, a session cookie gets created and saved in your browser. This makes it easy to stay logged in without having to re-enter your password.
Scammers are now stealing these cookies to get around security measures. This could mean your accounts are at risk, even with MFA enabled.
If cyber criminals get into your accounts, they could access sensitive data and use it for identity theft or phishing attacks (where they use fake emails to trick you into sharing information).
To help keep your business protected, make sure you’re using strong security software. Always keep devices and software updated, and log out of important accounts when they’re not in use.
Another tip? Don’t use the “remember me” option on shared or public computers, and only interact with secure websites that have a “HTTPS” address.
Does your team need a refresher on cyber security awareness? We can help with that. Get in touch.
Comments