MFA Bypass: The New Threat to Financial Services
Discover how attackers are exploiting MFA resets to infiltrate financial services. This alarming trend reveals vulnerabilities that could compromise your security.
The Rise of MFA Bypass Attacks
The latest CrowdStrike report highlights a new wave of attacks targeting financial services, in which traditional password phishing is being replaced by sophisticated MFA bypass techniques. The group known as Mutant Spider has been particularly active, using voice phishing to convince employees to reset their multifactor authentication (MFA) credentials, which allows the attackers to register their own devices on corporate networks.
This method has proven effective, as it exploits the very security measures designed to protect sensitive information. The FBI has also issued warnings about Kali365, a phishing-as-a-service platform that captures Microsoft 365 OAuth tokens, granting attackers persistent access to critical applications without triggering additional MFA prompts.
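The reset-then-enroll sequence described above leaves a trace defenders can hunt for in identity logs: an MFA reset followed shortly by registration of a device the user has never had. The sketch below is an added example, not code from the CrowdStrike report or this article; the event schema, field names, one-hour window and sample events are all constructed assumptions.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(hours=1)  # assumed correlation window; tune per environment

# Constructed events in a hypothetical normalized schema (deliberately unsorted).
EVENTS = [
    {"ts": "2025-03-04T09:11:00", "user": "alice", "action": "device_registered", "ip": "203.0.113.50", "device": "dev-9f1"},
    {"ts": "2025-03-04T09:02:00", "user": "alice", "action": "mfa_reset", "ip": "198.51.100.7"},
    {"ts": "2025-03-04T10:00:00", "user": "bob", "action": "mfa_reset", "ip": "198.51.100.9"},
    {"ts": "2025-03-04T10:05:00", "user": "bob", "action": "device_registered", "ip": "198.51.100.9", "device": "dev-22a"},
    {"ts": "2025-03-04T11:00:00", "user": "carol", "action": "mfa_reset", "ip": "198.51.100.3"},
    {"ts": "2025-03-05T15:00:00", "user": "carol", "action": "device_registered", "ip": "198.51.100.3", "device": "dev-771"},
    {"ts": "2025-03-04T12:00:00", "user": "dave", "action": "mfa_reset", "ip": "198.51.100.4"},
    {"ts": "2025-03-04T12:20:00", "user": "dave", "action": "device_registered", "ip": "198.51.100.4", "device": "dev-known"},
]
# Devices already enrolled per user before the log window (constructed baseline).
KNOWN_DEVICES = {"dave": {"dev-known"}}

def find_suspicious_enrollments(events, known_devices, window=WINDOW):
    """Return alerts for a never-seen device registered shortly after an MFA reset."""
    last_reset = {}  # user -> (timestamp, source ip) of the most recent MFA reset
    seen = {user: set(devs) for user, devs in known_devices.items()}
    alerts = []
    # ISO 8601 timestamps in one format sort correctly as strings.
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        user = ev["user"]
        if ev["action"] == "mfa_reset":
            last_reset[user] = (ts, ev["ip"])
        elif ev["action"] == "device_registered":
            devices = seen.setdefault(user, set())
            is_new = ev["device"] not in devices
            devices.add(ev["device"])
            reset = last_reset.get(user)
            if is_new and reset and ts - reset[0] <= window:
                alerts.append({
                    "user": user,
                    "device": ev["device"],
                    "minutes_after_reset": int((ts - reset[0]).total_seconds() // 60),
                    # A registration from a different address than the reset is a stronger signal.
                    "ip_changed": ev["ip"] != reset[1],
                })
    return alerts

if __name__ == "__main__":
    for alert in find_suspicious_enrollments(EVENTS, KNOWN_DEVICES):
        print(alert)
```

Alerts with `ip_changed` set are the ones to triage first; a same-address enrollment after a reset is often a legitimate phone replacement.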
Key findings from recent reports include:
- Credential theft now accounts for only 13% of breach access vectors.
- Vulnerability exploitation has surged to 31%, marking a significant shift in attack strategies.
- Financial services have seen a 43% increase in hands-on-keyboard intrusions in 2025 compared to previous years.