Pensionskasse Kanton Solothurn
Niklaus Konrad-Strasse 4
4500 Solothurn
Montag – Freitag:
08.30 – 11.30 Uhr / 13.30 – 16.30 Uhr
| Method | Attack Vector | Real-world example | |--------|---------------|---------------------| | | SIM swapping, SS7 flaws, mobile carrier exploits | 2020 Twitter hack; numerous crypto account takeovers | | TOTP (Authenticator App) | Real-time phishing (evilginx proxy), man-in-the-middle | 2022-2024 Okta & Microsoft 365 AiTM attacks | | Email 2FA | Email account takeover, mail server misconfig | Password reset flows bypassing 2FA | | Push notifications (MFA fatigue) | MFA bombing/spamming until user approves | Uber 2022, Cisco 2022 breaches |
Use a (like a YubiKey) for your most sensitive accounts (Email, Banking). ⚡ Quick Pro-Tip 2fa rip
"2FA RIP" generally refers to the situation where you have lost access to your (2FA) device or method, effectively locking you out of your account. | Method | Attack Vector | Real-world example