
New Phishing Vulnerability Uses Facebook Copyright Violation Threat to Bypass MFA, Hikvision’s Senior Cybersecurity Director Covers this Security Concern

November 26, 2020


A new phishing vulnerability uses the threat of a Facebook copyright violation to bypass MFA (multi-factor authentication) and trick users. Hikvision Senior Director of Cybersecurity, Chuck Davis, today covers this new cyber threat.

MFA adds two or more pieces of verifiable evidence or factors to the authentication process to greatly reduce security concerns, by lowering the chances of an account being accessed by the wrong person. Two-factor authentication (2FA) is a subset of MFA and is a means of authenticating with just two pieces of verifiable evidence or factors.

Facebook Scam Attempts to Bypass MFA
A clever new phishing attack against Facebook members uses the threat of action against copyright violations to trick users into sharing their login information and MFA code.

Naked Security walks through the attack, which starts with an email notifying the victim that there are copyright violations on their Facebook page. The victim is directed to a malicious appeals page that is actually hosted on Facebook.com, rather than on a look-alike domain of the kind that is common in cyberattacks. During the process of filing the appeal, the victim is prompted for their Facebook username and password, and is then prompted for their multi-factor authentication token.

To avoid becoming a victim of this Facebook “copyright violation” cyberattack, check the email sender carefully, and double-check the addresses or links in emails and on pages in social media. You can also follow these seven tips to avoid becoming a victim of a phishing email. These recommendations are from the United States Computer Emergency Readiness Team (US-CERT), and are covered in this Hikvision blog.

  1. Filter spam.
  2. Be wary of unsolicited email.
  3. Treat email attachments with caution.
  4. Don’t click links in email messages.
  5. Install antivirus software and keep it up to date.
  6. Install a personal firewall and keep it up to date.
  7. Configure your email client for security.

Security Tip: Enable Multi-Factor Authentication (MFA)
As we saw in the Facebook scam above, attackers are targeting multi-factor authentication to gain access to victims’ accounts. But the fact that attackers are trying to trick users into sharing their MFA codes doesn’t mean you shouldn’t use MFA. In fact, enabling MFA on your accounts is one of the best ways to greatly reduce the likelihood that your accounts will be compromised.

Not all websites and applications support MFA, but many do. To see which sites support MFA and to obtain instructions on how to enable it, check out the Two Factor Auth List.

To learn more about MFA, read this Hikvision blog: “Using Multi-Factor Authentication (MFA) to Prevent Phishing Hacks & Vulnerability Exploits.”
