undefined | Better HN

0 pointsben104012y ago0 comments

It would have stopped someone from using a phished GApps credential from logging in to Google using it, though.

It sounds like one prong of the attack was to gain access to one employee's email, then use that account to send phishing emails to other employees. 2FA would have stopped that.

0 comments

err_badprocrast12y ago

I wonder if it would be possible to phish 2factor while you're at it... Something like:

1- get target to enter google credentials

2- log into target's account using those credentials with a proxy/controlled IP that shows up nearby in geoip DBs

3- display a credible message, asking for 2factor code (something something DHCP something something more buzzwords - dummy mode on)

Any reason this wouldn't work?

j / k navigate · click thread line to collapse