A new phishing scam seems to be popping up every month, which can make it hard to stay alert. While some of these scams are ...

Think passkeys make you phishing-proof? Think again. Attackers are using downgrade attacks, device-code phishing, and OAuth ...

The insurance company did not cover any of the city’s claims totalling about $5 million. City staff say they've learned from ...

Multi-factor authentication (MFA) adds an extra layer of protection to your accounts. Instead of relying only on a password, MFA requires you to verify your identity using two or more methods.

But while SMS codes are better than using no two-factor authentication at all, the approach comes with its own security risks. Criminals can trick or force users into sharing a code that’s been ...

Google has long offered SMS as an option to receive two-factor authentication codes for Gmail. However, there are risks associated with it. Criminals can easily intercept SMS verification and make ...

Finally, as we’ve noted before, SMS is not a secure form of two-factor authentication. Code generators are better, and one is now built into iOS 15.

SPEAR PHISHING What is device code phishing, and why are Russian spies so successful at it? Overlooked attack method has been used since last August in a rash of account takeovers.

A common example of this is if you’re on a long flight using the airplane’s Wi-Fi service. You have Internet access, but you won’t have cell service which is how your verification code may ...