Sam Tidmarsh reports:
Multiple credentials phishing campaigns targeting human rights activists and journalists across the Middle East and North Africa have been disclosed by Amnesty International.
Credentials phishing deploys imitations of websites, wherein a login prompt lures a victim into entering their personal details, which are then transmitted to the attacking party.
In this case, logging in to the phishing page generated an alert to complete a two-factor authentication. The user, on this request, responded via mobile to complete the login process.
Likely operated by a circle of attackers, one campaign threatened the security of hundreds of accounts on popular “secure email” services such as Tutanota and ProtonMail. In another campaign, the attackers breached potentially hundreds of Google and Yahoo accounts, bypassing trusted and common forms of 2FA.
Read more on Stack. And yeah, this is concerning.