The number of fake sites aiming for two-step verification is increasing rapidly

The number of fake websites aiming for two-step verification is increasing rapidly.

k10012163321_201911040613_201911040613.mp4

Information security companies are calling for attention as the number of fake sites aimed at “two-step authentication” used to increase security in Internet payments is increasing.

Two-step authentication is a method of verifying the identity by sending an additional PIN to a smartphone registered in advance when logging in, and is introduced in Internet banking and online shopping as it is effective in preventing unauthorized access. It is.

According to a survey by an information security company, 94 fake sites aimed at this “two-step verification” were confirmed in September alone, and more than doubled from the previous month.

As a specific technique, pretend to be a legitimate financial institution, steal information to a fake site to steal ID and password, and then enter the PIN code for two-step authentication sent to smartphones etc. A message prompting you to do so.

If there is a sense of incongruity, such as a security company requiring you to enter a PIN with a procedure different from usual because there is a risk of being illegally settled if you enter it, check the site again We are calling for attention.

Trend Micro's Kazunori Yamagai, who was in charge of the survey, said, “It is not a worry because it is a two-step verification, but before you enter the information, you should stop and check it.”