Hackers have been using a new scheme to steal your two-factor authentication codes in order to gain access to your accounts. The attack usually starts with a fraudulent phone call claiming to be from a financial institution or company you hold an account with, such as PayPal.
“The fraudster used a type of bot that drastically streamlines the process for hackers to trick victims into giving up their multi-factor authentication codes or one-time passwords (OTPs) for all sorts of services, letting them log in or authorize cash transfers. Various bots target Apple Pay, PayPal, Amazon, Coinbase, and a wide range of specific banks.” (Vice).
Two-factor authentication, or 2FA, is a security feature used by many companies to protect your account from hackers.
“2FA is an extra layer of security used to make sure that people trying to gain access to an online account are who they say they are. First, a user will enter their username and a password. Then, instead of immediately gaining access, they will be required to provide another piece of information.” (Authy).
The bot technology now used by cyber criminals lets them trick you into handing over your authentication codes so they can log in to your account.
“When the bot places the automated call and asks the victim to enter a code they just received, the hacker will simultaneously trigger a legitimate code to be sent from the targeted platform to the victim’s phone. They may do this by entering the victim’s username and password on the site so the victim receives a login or authorization code. Although the script in the call may tell the victim that the code is for one purpose—perhaps blocking a cash transfer or protecting their account from unauthorized entry—in reality the hacker is using the code to enter the account themselves.” (Vice).
Once the hacker gains access to your account, the results can be disastrous.
“For consumers, the after-effects of a targeted hack or identity theft can be devastating. Stolen credentials are used to secure fake credit cards and fund shopping sprees, which can damage a victim’s credit rating. And entire bank and cryptocurrency accounts can be drained overnight. A recent study revealed that in 2016 over $16 billion was taken from 15.4 million U.S. consumers. Even more incredible, identity thieves stole over $107 billion in the past six years alone.” (Authy).
There are multiple apps that these bots are targeting, according to Vice.
“The bots could also be used to obtain codes generated by a multi-factor authentication smartphone app, such as Google Authenticator. The principle is essentially the same—tricking the target to hand over a code to the hackers. Beyond sites or services such as Amazon, PayPal, and Venmo, some of the bots also target specific banks, such as Bank of America and Chase.” (Vice).
As a low-cost option, these phishing bots are growing in popularity among cyber criminals. Since 2FA is one of the main ways people protect themselves, there is a growing view that companies need to find better solutions.
“With these bots that cost a few hundred dollars, anyone can start getting around multi-factor authentication, a security measure that many members of the public may assume is largely secure. The bots' existence and increased popularity raises questions on whether online services need to offer more phishing-resistant forms of authentication to protect users.” (Vice).
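The two Vice passages above describe the mechanism (the attacker triggers a real code, the bot talks the victim into reading it out, the attacker types it in) and the remedy (phishing-resistant authentication). The following Python model is an added example written for this page, not code from Vice, Authy or any of the services named; the account, secrets and origins in it are constructed, and a keyed HMAC stands in for the signature a real FIDO/WebAuthn authenticator would produce. It shows why a relayed TOTP code works for the attacker, and why a response that is bound to the server's challenge and to the origin the user's browser actually sees does not.

```python
"""Toy model of an OTP-relay attack versus an origin-bound challenge-response.
Constructed example: the account, secrets and origins below are made up."""
import hashlib
import hmac
import secrets
import struct

RP_ORIGIN = "https://bank.example"            # the real site (assumed name)
PHISH_ORIGIN = "https://bank-secure.example"  # attacker look-alike site (assumed name)

# Constructed account: a TOTP seed (as in Google Authenticator) and a per-device key
# standing in for a FIDO authenticator's private key (HMAC replaces a real signature).
ACCOUNTS = {
    "victim": {
        "totp_secret": b"constructed-totp-seed-0001",
        "device_key": b"constructed-device-key-0001",
    }
}


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1, the algorithm common authenticator apps use."""
    counter = struct.pack(">Q", unix_time // step)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 10 ** digits:0{digits}d}"


# --- Scenario 1: the OTP bot described above ------------------------------------

def server_verify_totp(username: str, code: str, unix_time: int) -> bool:
    """The server only checks the digits; it cannot tell who typed them or where they came from."""
    return hmac.compare_digest(totp(ACCOUNTS[username]["totp_secret"], unix_time), code)


def otp_relay_attack(unix_time: int) -> bool:
    # 1. Attacker submits the stolen password; the server prompts for the 6-digit code.
    # 2. Bot phones the victim and asks them to "confirm the code to block a transfer".
    victim_reads_out = totp(ACCOUNTS["victim"]["totp_secret"], unix_time)  # from their own app
    # 3. Attacker types the relayed code into their own session.
    return server_verify_totp("victim", victim_reads_out, unix_time)


# --- Scenario 2: a response bound to the session's challenge and origin ---------

def authenticator_respond(device_key: bytes, challenge: bytes, origin: str) -> bytes:
    """The device keys its response to the challenge it was handed AND the origin its
    browser is talking to. No human ever sees or types this value."""
    return hmac.new(device_key, challenge + origin.encode(), hashlib.sha256).digest()


class ChallengeServer:
    def __init__(self) -> None:
        self.pending = {}  # session_id -> (username, challenge)

    def start_login(self, username: str):
        session_id = secrets.token_hex(8)
        challenge = secrets.token_bytes(32)
        self.pending[session_id] = (username, challenge)
        return session_id, challenge

    def finish_login(self, session_id: str, response: bytes) -> bool:
        username, challenge = self.pending.pop(session_id)
        expected = authenticator_respond(ACCOUNTS[username]["device_key"], challenge, RP_ORIGIN)
        return hmac.compare_digest(expected, response)


def legitimate_login() -> bool:
    server = ChallengeServer()
    session_id, challenge = server.start_login("victim")
    response = authenticator_respond(ACCOUNTS["victim"]["device_key"], challenge, RP_ORIGIN)
    return server.finish_login(session_id, response)


def relay_attack_against_challenge_response():
    """Returns (phone-call variant succeeded?, proxy-site variant succeeded?)."""
    server = ChallengeServer()
    # (a) Phone-call variant: the challenge goes to the attacker's browser, not to the
    # victim's phone. Anything the victim's device produces answers a different
    # challenge from the victim's own session, so relaying it is useless.
    attacker_session, _attacker_challenge = server.start_login("victim")
    _victim_session, victim_challenge = server.start_login("victim")
    relayed = authenticator_respond(ACCOUNTS["victim"]["device_key"], victim_challenge, RP_ORIGIN)
    phone_result = server.finish_login(attacker_session, relayed)
    # (b) Proxy-site variant: attacker forwards the real challenge through a look-alike
    # site; the device binds its response to the origin it actually sees.
    attacker_session2, attacker_challenge2 = server.start_login("victim")
    proxied = authenticator_respond(ACCOUNTS["victim"]["device_key"], attacker_challenge2, PHISH_ORIGIN)
    proxy_result = server.finish_login(attacker_session2, proxied)
    return phone_result, proxy_result


if __name__ == "__main__":
    print("OTP relay succeeds:", otp_relay_attack(1_700_000_000))
    print("Legitimate challenge-response login:", legitimate_login())
    print("Relayed challenge-response (phone, proxy):", relay_attack_against_challenge_response())
```

The point the model makes is that a six-digit code carries no information about who is submitting it, so the server accepts it from whichever session asked for it, which in the bot scenario is the attacker's. A challenge-response scheme leaves the victim nothing readable to relay, and even a proxied response fails because it was keyed to the wrong origin.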
Phishing is listed among the Association of Equipment Manufacturers’ top manufacturing cyber-security risks for 2022, and with this new tactic in use by threat actors, it’s essential to stay aware of the risks.
Have any questions about cyber-security? Responsive Technology Partners is the leading cyber-security expert in the Athens, Metter, Milledgeville, Vidalia, and Atlanta, Georgia areas. We also have locations in Tampa, Florida; Roanoke, Virginia; and Raleigh, North Carolina. Please check out our website to learn more: https://www.responsivetechnologypartners.com/.
Sources:
Cox, Joseph. Vice. “The Booming Underground Market for Bots That Steal Your 2FA Codes.” 2 Nov. 2021. https://www.vice.com/en/article/y3vz5k/booming-underground-market-bots-2fa-otp-paypalamazon-bank-apple-venmo?utm_source=tldrnewsletter
Twilio. Authy. “What is Two Factor Authentication (2FA)?” https://authy.com/what-is-2fa/
Association of Equipment Manufacturers. “2022’s Top Manufacturing Cybersecurity Risks.” 4 Nov. 2021. https://www.aem.org/news/2022s-top-manufacturing-cybersecurity-risks