Gmail, Protonmail Targeted by 2FA Bypass Attacks
Amnesty International recently reported a new wave of phishing attacks against secure email providers such as Google, Protonmail, and Yahoo which is able to bypass 2 factor authentication.
Researchers say that they have identified several active campaigns, likely carried out by the same threat group in order to target Human Rights Defenders (HRDs).
The cybercriminals are often able to phish users using domains that bear the same or use a similar one as the legitimate website. These legitimate-looking websites are then used to harvest the credentials of users who would not notice anything amiss with the login process.