New ‘Robin Banks’ phishing service targets BofA, Citi, and Wells Fargo July 27, 2022 IronNet: Robin Banks might be robbing your bank
EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web By Pierluigi Paganini - September 5, 2022
This is cool and all, although I still can't fully visualize how the heck this is possible in the first place. But what would be more interesting to know is, what type of MFA could stop this? And what can companies do to recognize that some hacker is trying to capture credentials, shouldn't device fingerprinting play a role? And it's also a shame that MS Smartscreen and Google Safe Browsing are apparently not good in spotting these kind of phishing domains.
Now that I think of it, perhaps browsers should also play a role, why not implement a whitelist of important websites that are vulnernable to phishing attacks, and warn when you type in credentials on non-whitelisted websites, I mean this isn't rocked science. I believe Trusteer Rapport also had an anti-phishing feature back in the days, but this tool was pretty much crap since it caused instability problems on many systems. https://www.ibm.com/products/phishing-and-malware-protection/details
Robin Banks phishing service returns to steal banking accounts By Bill Toulas @billtoulas - November 4, 2022 IronNet: Robin Banks still might be robbing your bank (part 2)
