{"id":8549,"date":"2023-02-28T15:52:14","date_gmt":"2023-02-28T23:52:14","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=8549"},"modified":"2024-04-26T14:00:58","modified_gmt":"2024-04-26T21:00:58","slug":"recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/","title":{"rendered":"Recent SMS Phishing Attacks Reveal the Dangers of MFA Lookalike Domains"},"content":{"rendered":"<p>In cybersecurity, the weakest link is often the human element. This proved to be true in a series of recent SMS phishing attacks.\u00a0<\/p>\n<p>In February, the Coinbase cryptocurrency exchange platform <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/coinbase-cyberattack-targeted-employees-with-fake-sms-alert\/\" target=\"_blank\" rel=\"noopener\">revealed<\/a> that it was the target of a cyberattack that lured one of its employees, via SMS, to log into a company account to read an important message. The employee was taken to a phishing site where he entered his credentials. Once the attacker had the stolen credentials, he tried to login to Coinbase\u2019s internal systems but was not successful due to multi-factor authentication (MFA). After failing to authenticate, the attacker called the employee, claiming to be Coinbase\u2019s IT department. The employee believed the caller to be legitimate and started following the attacker\u2019s instructions. Soon after, Coinbase\u2019s CSIRT (Computer Security Incident Response Team) team saw alerts of suspicious activity from the employee and immediately contacted the employee, at which point he stopped all communications with the attacker.\u00a0 Since then, several other companies have confirmed that they were subject to the same attack, including <a href=\"https:\/\/www.hackread.com\/reddit-hacked-employee-phishing-scam\/\" target=\"_blank\" rel=\"noopener\">Reddit<\/a>, <a href=\"https:\/\/www.hackread.com\/sms-phishing-scam-dupes-zendesk-staff\/\" target=\"_blank\" rel=\"noopener\">Zendesk<\/a>, <a href=\"https:\/\/www.hackread.com\/hackers-employee-accounts-twilio-internal-system\/\" target=\"_blank\" rel=\"noopener\">Twilio<\/a>, <a href=\"https:\/\/www.hackread.com\/doordash-data-breach-third-party-phishing-attack\/\" target=\"_blank\" rel=\"noopener\">DoorDash<\/a>, and <a href=\"https:\/\/www.hackread.com\/hackers-crypto-wallets-namecheap-phishing\/\" target=\"_blank\" rel=\"noopener\">Namecheap<\/a>.<\/p>\n<p>Attackers love phishing because it is cheap and all they need is one person to make a mistake and click on the link. SMS phishing attacks, commonly called smishing, such as the one above have increased in frequency recently, and Infoblox is actively tracking actors who operate massive resilient smishing operations.\u00a0<\/p>\n<p>Phishing involves tricking the victim into clicking on a malicious link and providing personal information, such as passwords, credit card numbers, or social security numbers. Phishing attacks can start with an email, an SMS, a phone call or social media messages that appear to be from a legitimate source, such as a bank, social media platform, or an online store. The message typically includes a link or attached file for the recipient to click on or open.\u00a0<\/p>\n<h3>Connecting Phishing Attacks to Lookalike Domains<\/h3>\n<p>Lookalike domains are used in phishing and spear phishing attacks such as the one that targeted Coinbase. Lookalike domains can imitate any organization, including<\/p>\n<ul>\n<li>well-known consumer businesses such as Paypal, Bank of America or Facebook,<\/li>\n<li>businesses large-and-small without a consumer focus, and\u00a0<\/li>\n<li>an organization&#8217;s supplier or partner.<\/li>\n<\/ul>\n<p>Read on to learn more about lookalike domains related to multi-factor authentication and how you can stay protected.<\/p>\n<h3>Infoblox Identifies Attacks Related to MFA Lookalike Domains<\/h3>\n<p><a href=\"https:\/\/www.infoblox.com\/threat-intel\/\" target=\"_blank\" rel=\"noopener\">Infoblox Threat Intelligence Group<\/a> dug into historical data following the disclosures. They found that these MFA-related attacks began in January 2022, or earlier, and that there was a steep rise in registrations for lookalike domains related to MFA starting in August 2022.\u00a0<\/p>\n<p>A summary of the team\u2019s findings is as follows:<\/p>\n<ul>\n<li>In total, since January 2022, over 1600 domains were registered as lookalikes to MFA domains.\u00a0<\/li>\n<li>Large companies began registering domains in Summer 2022, likely as a proactive measure, but many others are suspicious and possibly related to phishing attacks.\u00a0<\/li>\n<li>These attacks are likely the work of multiple independent actors, and targeted large financial institutions, software companies, service providers, insurance companies, and government-related organizations globally.<\/li>\n<li>The team detected MFA lookalikes for major services such as Dropbox, Paypal, Microsoft, Okta, Netflix, Amazon, Tripadvisor, and YouTube, in addition to those reported in the media.<\/li>\n<\/ul>\n<h3>Using Infoblox Suspicious and Emergent Domain Feeds to Stay Protected<\/h3>\n<p>We all know the age-old adage, \u201cThe bad guys only have to be right once, while we have to be right every time.\u201d Being right every time is easier said than done in cybersecurity.<\/p>\n<p>To help organizations stay a step ahead of the attackers, especially when it comes to lookalike domains, Infoblox provides suspicious emergent domains data as a feed for <a href=\"https:\/\/www.infoblox.com\/products\/bloxone-threat-defense\/\" target=\"_blank\" rel=\"noopener\">BloxOne Threat Defense customers<\/a>. These are domains that share common indicators with other known malicious sites, but have not been classified as malicious yet.\u00a0<\/p>\n<p>Since the launch of our suspicious emergent domains data in early November 2022, Infoblox has detected 75% of the MFA lookalike domains registered with these characteristics as suspicious. <b>This means customers who had the suspicious feeds and set the policy to \u201cblock\u201d were protected against those MFA lookalike domains.<\/b>\u00a0<\/p>\n<p>In addition to using these feeds, customers of BloxOne Threat Defense can use the built-in lookalike domain detection service, where they can submit their organization&#8217;s own domain, or domains frequently visited by or controlled by the organization, for lookalike protection. The Threat Intelligence Group will determine high-risk lookalike domains for initial assessment and monitoring. Customers are notified of suspicious activity related to these lookalike domains for visibility and as an advance warning to help the organization avert a potential network breach or customer threats.<\/p>\n<p>Phishing attacks are a serious threat to individuals, businesses, and organizations. By being aware of the signs of a phishing attack and taking steps to protect yourself, you can reduce the risk of falling victim to one.\u00a0<\/p>\n<p>You don&#8217;t have to be a cybersecurity expert to be secure, but you do have to be aware and proactive.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In cybersecurity, the weakest link is often the human element. This proved to be true in a series of recent SMS phishing attacks.\u00a0 In February, the Coinbase cryptocurrency exchange platform revealed that it was the target of a cyberattack that lured one of its employees, via SMS, to log into a company account to read [&hellip;]<\/p>\n","protected":false},"author":227,"featured_media":8390,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[386,307,711,360,847,228],"class_list":{"0":"post-8549","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"tag-lookalike-domains","9":"tag-phishing","10":"tag-mfa","11":"tag-dns-security","12":"tag-threat-intelligence-feeds","13":"tag-bloxone-threat-defense","14":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Recent SMS Phishing Attacks and the Dangers of MFA Lookalike Domains | Infoblox<\/title>\n<meta name=\"description\" content=\"Recent SMS phishing attacks reveal the dangers of MFA lookalike domains. Infoblox tracks actors behind massive smishing operations that use MFA lookalike domains and provides solutions like suspicious emergent domain feeds and lookalike domain detection service to help organizations stay protected. Learn how to reduce the risk of falling victim to a phishing attack.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Recent SMS Phishing Attacks Reveal the Dangers of MFA Lookalike Domains\" \/>\n<meta property=\"og:description\" content=\"Recent SMS phishing attacks reveal the dangers of MFA lookalike domains. Infoblox tracks actors behind massive smishing operations that use MFA lookalike domains and provides solutions like suspicious emergent domain feeds and lookalike domain detection service to help organizations stay protected. Learn how to reduce the risk of falling victim to a phishing attack.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-28T23:52:14+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T21:00:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-06.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"612\" \/>\n\t<meta property=\"og:image:height\" content=\"408\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Krupa Srivatsan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Krupa Srivatsan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/\"},\"author\":{\"name\":\"Krupa Srivatsan\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/3cd3a5f9e497b09854c3bc168f9365d5\"},\"headline\":\"Recent SMS Phishing Attacks Reveal the Dangers of MFA Lookalike Domains\",\"datePublished\":\"2023-02-28T23:52:14+00:00\",\"dateModified\":\"2024-04-26T21:00:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/\"},\"wordCount\":825,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/security-image-06.jpg\",\"keywords\":[\"lookalike domains\",\"Phishing\",\"MFA\",\"DNS Security\",\"Threat Intelligence Feeds\",\"BloxOne\u00ae Threat Defense\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/\",\"name\":\"Recent SMS Phishing Attacks and the Dangers of MFA Lookalike Domains | Infoblox\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/security-image-06.jpg\",\"datePublished\":\"2023-02-28T23:52:14+00:00\",\"dateModified\":\"2024-04-26T21:00:58+00:00\",\"description\":\"Recent SMS phishing attacks reveal the dangers of MFA lookalike domains. Infoblox tracks actors behind massive smishing operations that use MFA lookalike domains and provides solutions like suspicious emergent domain feeds and lookalike domain detection service to help organizations stay protected. Learn how to reduce the risk of falling victim to a phishing attack.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/security-image-06.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/security-image-06.jpg\",\"width\":612,\"height\":408},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Recent SMS Phishing Attacks Reveal the Dangers of MFA Lookalike Domains\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/3cd3a5f9e497b09854c3bc168f9365d5\",\"name\":\"Krupa Srivatsan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_227_1571768571-96x96.jpg\",\"url\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_227_1571768571-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_227_1571768571-96x96.jpg\",\"caption\":\"Krupa Srivatsan\"},\"description\":\"Krupa is Senior Director of Product Marketing at Infoblox. She has 18 years of experience in technology in various roles including software development, product management and product marketing. Currently, she is responsible for messaging, positioning and bringing to market Infoblox\u2019s security solutions that ease security operations and provide DNS based security. She has an MBA from University of California, Haas School of Business and a Computer Science Engineering degree.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/krupa-srivatsan\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Recent SMS Phishing Attacks and the Dangers of MFA Lookalike Domains | Infoblox","description":"Recent SMS phishing attacks reveal the dangers of MFA lookalike domains. Infoblox tracks actors behind massive smishing operations that use MFA lookalike domains and provides solutions like suspicious emergent domain feeds and lookalike domain detection service to help organizations stay protected. Learn how to reduce the risk of falling victim to a phishing attack.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/","og_locale":"en_US","og_type":"article","og_title":"Recent SMS Phishing Attacks Reveal the Dangers of MFA Lookalike Domains","og_description":"Recent SMS phishing attacks reveal the dangers of MFA lookalike domains. Infoblox tracks actors behind massive smishing operations that use MFA lookalike domains and provides solutions like suspicious emergent domain feeds and lookalike domain detection service to help organizations stay protected. Learn how to reduce the risk of falling victim to a phishing attack.","og_url":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/","og_site_name":"Infoblox Blog","article_published_time":"2023-02-28T23:52:14+00:00","article_modified_time":"2024-04-26T21:00:58+00:00","og_image":[{"width":612,"height":408,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-06.jpg","type":"image\/jpeg"}],"author":"Krupa Srivatsan","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Krupa Srivatsan","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/"},"author":{"name":"Krupa Srivatsan","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/3cd3a5f9e497b09854c3bc168f9365d5"},"headline":"Recent SMS Phishing Attacks Reveal the Dangers of MFA Lookalike Domains","datePublished":"2023-02-28T23:52:14+00:00","dateModified":"2024-04-26T21:00:58+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/"},"wordCount":825,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-06.jpg","keywords":["lookalike domains","Phishing","MFA","DNS Security","Threat Intelligence Feeds","BloxOne\u00ae Threat Defense"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/","url":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/","name":"Recent SMS Phishing Attacks and the Dangers of MFA Lookalike Domains | Infoblox","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-06.jpg","datePublished":"2023-02-28T23:52:14+00:00","dateModified":"2024-04-26T21:00:58+00:00","description":"Recent SMS phishing attacks reveal the dangers of MFA lookalike domains. Infoblox tracks actors behind massive smishing operations that use MFA lookalike domains and provides solutions like suspicious emergent domain feeds and lookalike domain detection service to help organizations stay protected. Learn how to reduce the risk of falling victim to a phishing attack.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-06.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-06.jpg","width":612,"height":408},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Recent SMS Phishing Attacks Reveal the Dangers of MFA Lookalike Domains"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/3cd3a5f9e497b09854c3bc168f9365d5","name":"Krupa Srivatsan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_227_1571768571-96x96.jpg","url":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_227_1571768571-96x96.jpg","contentUrl":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_227_1571768571-96x96.jpg","caption":"Krupa Srivatsan"},"description":"Krupa is Senior Director of Product Marketing at Infoblox. She has 18 years of experience in technology in various roles including software development, product management and product marketing. Currently, she is responsible for messaging, positioning and bringing to market Infoblox\u2019s security solutions that ease security operations and provide DNS based security. She has an MBA from University of California, Haas School of Business and a Computer Science Engineering degree.","url":"https:\/\/www.infoblox.com\/blog\/author\/krupa-srivatsan\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/8549","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/227"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=8549"}],"version-history":[{"count":5,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/8549\/revisions"}],"predecessor-version":[{"id":9967,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/8549\/revisions\/9967"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/8390"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=8549"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=8549"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=8549"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}