Cyberhood Watch

In today's digital landscape, multi-factor authentication (MFA) is widely used to protect online accounts from unauthorized access, giving users an added layer of security. But how can scammers get around it, and what can you do to prevent it?


Multi-factor, or two-factor, authentication has been around for many years, but has only recently taken off in popularity. As major online platforms adopt it, they are doing what they can to put this important security measure in front of people's eyes.

Abbreviated as either MFA or 2FA, this is how many of your online accounts will try to verify that you are, well, you.

Put simply, this is when you try to log into your bank, email, or online shopping website, and it asks you to input a unique code they just texted to your phone. No code: no logging in, sorry.

Now that you’ve been reminded about what 2FA or MFA is, let’s move on to discuss the scams surrounding it.


A sophisticated form of phishing, dubbed authentication-in-the-middle, has emerged as a particularly insidious threat in recent times. Drawing parallels to the well-known man-in-the-middle (MitM) attacks, this method capitalizes on the trust users place in familiar online platforms to deceive them into unwittingly divulging sensitive authentication data.

How the scam works

The mechanics of authentication-in-the-middle are deceptively simple yet highly effective. Initially, an unsuspecting user is enticed to visit a fraudulent website meticulously crafted to mimic a legitimate service, such as a banking portal or social media platform. Upon entering their credentials, including username and password, on the counterfeit site, the information is surreptitiously redirected to the authentic service by cybercriminals, all while the user remains oblivious to the ruse.

Subsequently, when prompted to complete the MFA process—typically by entering a verification code or approving a push notification—the user complies, unaware that the code or approval is being forwarded to the real service as well, so it is the attacker's session that ends up authenticated. Once inside the compromised account, the attackers have free rein to manipulate settings, such as altering contact information or draining financial resources, thereby perpetrating identity theft or financial fraud.

One of phishing’s many forms

Victims of authentication-in-the-middle schemes often fall prey to phishing sites disseminated through various channels, including social media platforms and fraudulent emails. Moreover, the proliferation of sponsored search results further exacerbates the challenge of discerning authentic links from malicious ones, underscoring the importance of heightened vigilance in online interactions.

How to lower your risk

To mitigate the risk of falling victim to authentication-in-the-middle attacks, users are advised to adopt a multifaceted defensive strategy:

Cultivate Awareness

A fundamental aspect of safeguarding against cyber threats involves cultivating a discerning mindset. Users should exercise caution when encountering sponsored search results or clicking on links embedded in unsolicited emails or social media posts. Vigilance serves as a potent deterrent against falling prey to phishing schemes.

Deploy Security Software

Leveraging reputable security solutions equipped with phishing detection capabilities can serve as an effective line of defense against fraudulent websites. Tools such as Malwarebytes Browser Guard offer real-time protection by blocking access to known phishing sites, thereby fortifying users against exploitation.

Utilize Password Managers

Implementing a password manager not only enhances the security of online credentials but also mitigates the risk of inadvertently divulging them to fraudulent sites. A password manager ties each saved credential to the domain it was saved for, so it will not offer to autofill a password on a lookalike domain; that refusal is a strong signal that something is wrong and a formidable barrier against authentication-based phishing attacks.
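The domain check described above, as an added example that is not part of the original article or any vendor's product: a minimal model of the decision a password manager makes before offering a saved login. The saved logins and the lookalike URLs are constructed for the demo; matching a saved host and its subdomains (but nothing else) is a simplification of what real managers do.

```python
from urllib.parse import urlsplit

# Constructed sample vault: saved origin (scheme + host) -> username.
SAVED_LOGINS = {
    "https://bank.example": "alice",
    "https://mail.example": "alice@mail.example",
}


def normalize_host(url):
    """Return (scheme, ASCII hostname) for a page URL.

    Internationalized hostnames are converted to their punycode form so that
    a host built from lookalike characters can never compare equal to the
    saved ASCII host.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").encode("idna").decode("ascii")
    return parts.scheme.lower(), host.lower()


def should_autofill(page_url, saved=SAVED_LOGINS):
    """Return the saved username only when the page is served over HTTPS from
    the saved host or one of its subdomains; otherwise return None.

    A host like bank.example.login-help.test merely *starts* with the saved
    host, so it does not match; the check is on the right-hand end of the name.
    """
    scheme, host = normalize_host(page_url)
    if scheme != "https":
        return None
    for saved_origin, username in saved.items():
        saved_host = urlsplit(saved_origin).hostname
        if host == saved_host or host.endswith("." + saved_host):
            return username
    return None


if __name__ == "__main__":
    for url in (
        "https://bank.example/login",
        "https://login.bank.example/",
        "https://bank.example.login-help.test/login",  # constructed lookalike
        "https://b\u0430nk.example/login",              # Cyrillic 'a' lookalike
        "http://bank.example/login",                    # not HTTPS
    ):
        print(url, "->", should_autofill(url))
```

When the manager stays silent on a page where you expected it to fill, treat that as the warning the article describes rather than typing the password by hand.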

Embrace Passkeys

While MFA remains a cornerstone of robust cybersecurity practices, not all authentication methods are susceptible to authentication-in-the-middle tactics. Passkeys, in particular, offer a resilient defense against such attacks: a passkey is bound to the genuine site's domain, so a sign-in attempted from a lookalike site does not produce anything the real service will accept, and there is no code for a criminal to relay. As an increasing number of service providers integrate passkey authentication into their platforms, users are encouraged to adopt this secure authentication mechanism to bolster their defenses.
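The contrast between the relay described under "How the scam works" and the origin binding described here, as an added example that is not part of the original article: a constructed relying party that accepts either a texted code or a passkey-style assertion. The passkey is simulated with an HMAC over a per-credential secret rather than a real WebAuthn public-key signature; the property that matters, that the signed client data records the origin the browser actually loaded, is modelled faithfully. All names, origins and users are constructed.

```python
import hashlib
import hmac
import json
import secrets

REAL_ORIGIN = "https://bank.example"                       # constructed
LOOKALIKE_ORIGIN = "https://bank-example.login-help.test"  # constructed


class RelyingParty:
    """Constructed model of the genuine service's login back end."""

    def __init__(self, origin):
        self.origin = origin
        self.otp_codes = {}     # user -> current texted code
        self.credentials = {}   # user -> passkey secret stored at registration
        self.sessions = []

    def send_otp(self, user):
        code = f"{secrets.randbelow(10**6):06d}"
        self.otp_codes[user] = code
        return code

    def login_with_otp(self, user, code):
        # A texted code carries no information about where it was typed, so a
        # code entered on a lookalike page and forwarded here looks legitimate.
        ok = hmac.compare_digest(self.otp_codes.get(user, ""), code)
        if ok:
            self.sessions.append(user)
        return ok

    def register_passkey(self, user):
        secret = secrets.token_bytes(32)
        self.credentials[user] = secret
        return secret

    def new_challenge(self):
        return secrets.token_hex(16)

    def login_with_passkey(self, user, challenge, client_data, signature):
        data = json.loads(client_data)
        # The service checks the origin the browser recorded, and the challenge,
        # before it even looks at the signature.
        if data.get("origin") != self.origin or data.get("challenge") != challenge:
            return False
        expected = hmac.new(self.credentials[user], client_data.encode(), hashlib.sha256).digest()
        ok = hmac.compare_digest(expected, signature)
        if ok:
            self.sessions.append(user)
        return ok


def browser_sign(secret, challenge, page_origin):
    """The browser fills in the origin of the page it is actually showing; the
    user cannot override it, and neither can the page's JavaScript."""
    client_data = json.dumps({"challenge": challenge, "origin": page_origin}, sort_keys=True)
    signature = hmac.new(secret, client_data.encode(), hashlib.sha256).digest()
    return client_data, signature


def otp_relayed_from_lookalike():
    """A texted code typed on the lookalike page still logs in at the real site."""
    rp = RelyingParty(REAL_ORIGIN)
    code = rp.send_otp("alice")
    return rp.login_with_otp("alice", code)


def passkey_used_on_lookalike():
    """The same relay applied to a passkey fails the origin check."""
    rp = RelyingParty(REAL_ORIGIN)
    secret = rp.register_passkey("alice")
    challenge = rp.new_challenge()
    client_data, sig = browser_sign(secret, challenge, LOOKALIKE_ORIGIN)
    return rp.login_with_passkey("alice", challenge, client_data, sig)


def passkey_used_on_real_site():
    rp = RelyingParty(REAL_ORIGIN)
    secret = rp.register_passkey("alice")
    challenge = rp.new_challenge()
    client_data, sig = browser_sign(secret, challenge, REAL_ORIGIN)
    return rp.login_with_passkey("alice", challenge, client_data, sig)


if __name__ == "__main__":
    print("OTP relayed from lookalike accepted:", otp_relayed_from_lookalike())
    print("Passkey from lookalike accepted:    ", passkey_used_on_lookalike())
    print("Passkey from real site accepted:    ", passkey_used_on_real_site())
```

In a real browser the protection starts earlier than this model shows: the passkey is scoped to the genuine site's domain, so the browser never offers it on the lookalike page at all. The server-side origin check modelled here is the second line of defense, which is why the relying party must verify the recorded origin and not just the signature.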

The Bottom Line

In essence, safeguarding against authentication-in-the-middle phishing attacks necessitates a proactive and multifaceted approach encompassing user education, technological solutions, and the adoption of resilient authentication mechanisms. By remaining vigilant and implementing robust security measures, individuals can fortify their digital defenses and thwart the nefarious intentions of cybercriminals.