{"id":132,"date":"2020-11-08T08:42:28","date_gmt":"2020-11-08T08:42:28","guid":{"rendered":"https:\/\/iconit.co.nz\/?p=132"},"modified":"2020-11-12T02:17:01","modified_gmt":"2020-11-12T02:17:01","slug":"case-study-overcoming-phishing-with-2fa-or-mfa","status":"publish","type":"post","link":"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/","title":{"rendered":"Case Study: Overcoming phishing with 2FA or MFA"},"content":{"rendered":"\n<p>One of Icon IT\u2019s clients was having an issue with phishing emails. Some of these suspicious emails were getting through their email systems without being blocked, and multiple times in one year, staff members would click on a link in an email when they shouldn\u2019t have, and then supplied their login name and password to the network.<\/p>\n\n\n\n<p>Obviously, they were keen to stop this, and wanted to know what their options were.<\/p>\n\n\n\n<p>First off, what is phishing? If you know already, then skip this bit, but phishing emails are those dodgy ones that come through with links that go off to websites that might ask for your network\/email username and password, and all sorts of other suspicious things. They might look like they come from PayPal, LinkedIn, Dropbox \u2013 all sorts of legitimate companies, but these emails are in no way legitimate.<\/p>\n\n\n\n<figure class=\"wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe title=\"What is phishing? Learn how this attack works\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/Y7zNlEMDmI4?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p>In our case study, as mentioned this client had their email hacked three times in one year. What does this mean, in reality? Each time, a staff member clicked on a dodgy link in an email, which opened up a web page and asked the staff member to enter their email address and password \u2013 and each time, they did. The hacker then went off and setup a forward on that email address, sending it to themselves. The user had no idea this had happened.<\/p>\n\n\n\n<p>The hacker then went and sent emails on behalf of the staff member, claiming to be them, and request invoice payments.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" width=\"684\" height=\"1024\" src=\"https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-saksham-choudhary-2036656-684x1024.jpg\" alt=\"\" class=\"wp-image-135\" srcset=\"https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-saksham-choudhary-2036656-684x1024.jpg 684w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-saksham-choudhary-2036656-200x300.jpg 200w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-saksham-choudhary-2036656-768x1150.jpg 768w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-saksham-choudhary-2036656-1025x1536.jpg 1025w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-saksham-choudhary-2036656-1367x2048.jpg 1367w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-saksham-choudhary-2036656-300x449.jpg 300w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-saksham-choudhary-2036656-850x1273.jpg 850w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-saksham-choudhary-2036656-scaled.jpg 1709w\" sizes=\"(max-width: 684px) 100vw, 684px\" \/><\/figure>\n\n\n\n<p>There\u2019s no doubt that no business owner or organisation wants to go through this \u2013 especially not multiple times. The potential loss of money and the absolute loss of faith by stakeholders, suppliers and clients cannot be underestimated.<\/p>\n\n\n\n<p>So what are your options here? There\u2019s actually quite a few; you could stop the phishing emails before they get to your staff, or for this specific client, you could implement 2FA or MFA to stop the hackers actually accessing your staffs email, if they had the password.<\/p>\n\n\n\n<p>You could also implement phish testing, to educate your staff on what emails not to open. These have high success rates. Icon IT can do phish testing for you, <a href=\"https:\/\/iconit.co.nz\/index.php\/coffee\/\">contact us for more details<\/a> about this service.<\/p>\n\n\n\n<p><strong>2FA and MFA<\/strong><\/p>\n\n\n\n<p>You are probably wondering what 2FA and MFA are. 2FA stands for 2 Factor Authentication, and MFA is Multi-Factor Authentication.<\/p>\n\n\n\n<p>You might have already used 2FA to access a banking website. Some banks will, if you ask them, supply a \u2018token\u2019 \u2013 a small device that has a rolling numeric code on it, so when you go to log into the bank, or go to transfer a large amount of money online, you need to enter the code first. This is a basic use of 2FA.<\/p>\n\n\n\n<p>MFA means there may be more than one method of authenticating to access a service. For both 2FA and MFA, this could be email, banking, Customer Relationship Management (CRM) like SalesForce or Microsoft CRM \u2013 basically any service you need to authenticate to use.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" width=\"1024\" height=\"684\" src=\"https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-photo-735911-1024x684.jpeg\" alt=\"\" class=\"wp-image-134\" srcset=\"https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-photo-735911-1024x684.jpeg 1024w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-photo-735911-300x200.jpeg 300w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-photo-735911-768x513.jpeg 768w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-photo-735911-1536x1025.jpeg 1536w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-photo-735911-2048x1367.jpeg 2048w, https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-photo-735911-850x567.jpeg 850w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>How would 2FA block the hacker mentioned? Let\u2019s say they have one of your staff member\u2019s email address and password. The hacker then logs into the mail service you use (let\u2019s say Microsoft365, or Office365), and enters the email address and then the password. Since you have 2FA implemented, they are then prompted for the 2FA code. They don\u2019t have it, so that\u2019s it \u2013 they are unable to access your staff member\u2019s email. It\u2019s really that simple.<\/p>\n\n\n\n<p>You can also use 2FA to implement policies of when it\u2019s used; for example, for your own premises, you probably don\u2019t ever want 2FA to kick in, as it\u2019s just going to annoy staff. You can setup a policy to do this.<\/p>\n\n\n\n<p><strong>But how does it actually work?<\/strong><\/p>\n\n\n\n<p>Let\u2019s say your staff member is at home, and then logs into <a href=\"http:\/\/www.office.com\">www.office.com<\/a> to check their email. They enter their email address and password, and get prompted at that point for the code. They enter the code (from a token, or a phone app, or there are other options) and then they are in. 2FA doesn\u2019t add a lot of time to the process.<\/p>\n\n\n\n<p>And depending on the 2FA system used, it may be a smartphone app. Instead of giving you a code, some of the apps will instead simply pop up with a prompt to Allow or Deny access. Assuming it\u2019s legitimate, the user doesn\u2019t need to enter a code, they simply press the Allow button on the app, and then they\u2019re in.<\/p>\n\n\n\n<p>There\u2019s a lot more to it than this, but that\u2019s the overview. There\u2019s also costs involved of course, and some Microsoft365 licenses come with MFA functionally. You can contact us to see if your license is one of those.<\/p>\n\n\n\n<p>Regardless, if you want a no-obligation chat around 2FA and MFA, <a href=\"https:\/\/iconit.co.nz\/index.php\/coffee\/\">please get in touch<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>One of Icon IT\u2019s clients was having an issue with phishing emails. Some of these suspicious emails were getting through their email systems without being blocked, and multiple times in one year, staff members would click on a link in an email when they shouldn\u2019t have, and then supplied their login name and password to&#8230;<\/p>\n","protected":false},"author":1,"featured_media":133,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[2],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v15.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Case Study: Overcoming phishing with 2FA or MFA &ndash; Icon IT - independent, unbiased IT advice<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Case Study: Overcoming phishing with 2FA or MFA &ndash; Icon IT - independent, unbiased IT advice\" \/>\n<meta property=\"og:description\" content=\"One of Icon IT\u2019s clients was having an issue with phishing emails. Some of these suspicious emails were getting through their email systems without being blocked, and multiple times in one year, staff members would click on a link in an email when they shouldn\u2019t have, and then supplied their login name and password to...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/\" \/>\n<meta property=\"og:site_name\" content=\"Icon IT - independent, unbiased IT advice\" \/>\n<meta property=\"article:published_time\" content=\"2020-11-08T08:42:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-11-12T02:17:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-cottonbro-5483071-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1707\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\">\n\t<meta name=\"twitter:data1\" content=\"3 minutes\">\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/iconit.co.nz\/#organization\",\"name\":\"Icon IT Limited\",\"url\":\"https:\/\/iconit.co.nz\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/iconit.co.nz\/#logo\",\"inLanguage\":\"en-NZ\",\"url\":\"https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/10\/icon-it-logo-small.png\",\"width\":412,\"height\":173,\"caption\":\"Icon IT Limited\"},\"image\":{\"@id\":\"https:\/\/iconit.co.nz\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/iconit.co.nz\/#website\",\"url\":\"https:\/\/iconit.co.nz\/\",\"name\":\"Icon IT - independent, unbiased IT advice\",\"description\":\"Keeping IT simple\",\"publisher\":{\"@id\":\"https:\/\/iconit.co.nz\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/iconit.co.nz\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-NZ\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/#primaryimage\",\"inLanguage\":\"en-NZ\",\"url\":\"https:\/\/iconit.co.nz\/wp-content\/uploads\/2020\/11\/pexels-cottonbro-5483071-scaled.jpg\",\"width\":2560,\"height\":1707},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/#webpage\",\"url\":\"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/\",\"name\":\"Case Study: Overcoming phishing with 2FA or MFA &ndash; Icon IT - independent, unbiased IT advice\",\"isPartOf\":{\"@id\":\"https:\/\/iconit.co.nz\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/#primaryimage\"},\"datePublished\":\"2020-11-08T08:42:28+00:00\",\"dateModified\":\"2020-11-12T02:17:01+00:00\",\"inLanguage\":\"en-NZ\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/\"]}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/#webpage\"},\"author\":{\"@id\":\"https:\/\/iconit.co.nz\/#\/schema\/person\/d141d2dcb20d01a29e7fbe4c34ba01d0\"},\"headline\":\"Case Study: Overcoming phishing with 2FA or MFA\",\"datePublished\":\"2020-11-08T08:42:28+00:00\",\"dateModified\":\"2020-11-12T02:17:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/#webpage\"},\"publisher\":{\"@id\":\"https:\/\/iconit.co.nz\/#organization\"},\"image\":{\"@id\":\"https:\/\/iconit.co.nz\/index.php\/2020\/11\/08\/case-study-overcoming-phishing-with-2fa-or-mfa\/#primaryimage\"},\"articleSection\":\"Posts\",\"inLanguage\":\"en-NZ\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/iconit.co.nz\/#\/schema\/person\/d141d2dcb20d01a29e7fbe4c34ba01d0\",\"name\":\"Fred\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/iconit.co.nz\/#personlogo\",\"inLanguage\":\"en-NZ\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b5576b9d9cdf6251b80c6c2d4d1b32c5?s=96&d=mm&r=g\",\"caption\":\"Fred\"},\"sameAs\":[\"https:\/\/iconit.co.nz\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/iconit.co.nz\/index.php\/wp-json\/wp\/v2\/posts\/132"}],"collection":[{"href":"https:\/\/iconit.co.nz\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/iconit.co.nz\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/iconit.co.nz\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/iconit.co.nz\/index.php\/wp-json\/wp\/v2\/comments?post=132"}],"version-history":[{"count":4,"href":"https:\/\/iconit.co.nz\/index.php\/wp-json\/wp\/v2\/posts\/132\/revisions"}],"predecessor-version":[{"id":139,"href":"https:\/\/iconit.co.nz\/index.php\/wp-json\/wp\/v2\/posts\/132\/revisions\/139"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/iconit.co.nz\/index.php\/wp-json\/wp\/v2\/media\/133"}],"wp:attachment":[{"href":"https:\/\/iconit.co.nz\/index.php\/wp-json\/wp\/v2\/media?parent=132"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/iconit.co.nz\/index.php\/wp-json\/wp\/v2\/categories?post=132"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/iconit.co.nz\/index.php\/wp-json\/wp\/v2\/tags?post=132"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}