Bypass two factor authentication: phishing and cookie session hijacking
Hacker Kevin Mitnick had an interesting YouTube video presenting how relying on 2FA can trick you in lowering your guard and become a victim for phishing attacks and cookie session hijacking.
You can see the YouTube video and his input at : https://www.youtube.com/watch?time_continue=1&v=xaOX8DS-Cto
He uses for the example a bogus domain similar to linkedin.com and an email sent to you Gmail – probably protected with 2FA :)) – from a “LinkedIn friend”. Simple phishing attack followed by cookie session hijacking and puff he gains control to your account. Of course 2FA is not intended to defend you from such attacks but sometimes having several layers of protection makes you feel in control and maybe disregard other threats.