Editorial Note: We earn a commission from partner links on Forbes Advisor. Commissions do not affect our editors’ opinions or evaluations.
Scam artists are working harder to steal your identity and money.
Phishing attacks, which use phony emails or text messages to fool you into divulging personal information, increased 28% last year, according to research from PhishLabs by HelpSystems. On a large scale, the schemes can be lucrative: Full sets of consumer data, including name, birth date, Social Security number and passwords, sell online for around $5 to $8 per record.
Those credentials can be a golden ticket into user accounts—but not always. Even when scammers have the login for, say, your bank, they still have one final barrier preventing full access: a one-time password sent to your smartphone.
But clever scammers are figuring out workarounds. You need to be one step ahead.
Fraudsters Target Multifactor Authentication
To better protect their account holders online, many businesses are using multifactor authentication. It’s the familiar security measure that requires you to enter a one-time password or code after you try to log in with your username and password.
The code, often a series of numerals, is texted to your phone or is generated by an authentication app. The process generally works well, but it can be defeated.
As senior fellow for threat research at Agari by HelpSystems, I hear about new scams targeting…
