With credential theft making up a large portion of phishing attacks, many organizations wisely turn to MultiFactor Authentication (MFA) to protect the credentials of their employees. Attackers, however, are upping their game to continue gaining access to corporate accounts. Cofense Threat Analyst Elmer Hernandez joins us this week to discuss a particular attack observed by Cofense that leverages OAuth2 and OpenID Connect instead of passwords.

Learn more

OAuth2 Attack Bypasses MFA

Google Docs Scam

Questions or comments? Reach us at [email protected]

Subscribe to
Phish Fryday

Or subscribe with your favorite app by using the address below

Discover how phishing awareness training can help your organization defend against changing phishing threats.