‘Consent phishing’ attacks can defeat two-factor authentication
Ars Technica describes how businesses in 62 countries were targeted by a ‘Business Email Compromise’ attack that tricked CEOs and business leaders into transferring large sums of money to the attackers. One scam used imitative domains containing the word ‘office’ to mimic trusted parties.
Read more here.