How Attackers Use Single Sign-On in Phishing Pages & Steal Credentials?
With the ever-increasing use of technology, cybercrime has become a common issue. Recently, malicious pages have been reported in order to influence Single Sign-On (SSO) to steal credentials of users. With the popularity and ease of SSO among widely used websites, this type of phishing attack has grown significantly.
But are you familiar with Single Sign-On? Well, if not, here is a tutorial to guide you through SSO.
SSO – Single Sign-On
Single sign-on, abbreviated as SSO, is a user authentication service. It allows users to use one set of login credentials (name and password) to access multiple applications. It does not require the user to remember multiple sets of credentials for different accounts. The process to eliminate the password prompts for each application during a session improves the user experience. This is usually practiced by enterprises, smaller organizations, and individuals to mitigate the management of various usernames and passwords.
Single sign-on is usually accomplished by authenticating the user against a repository like Lightweight Directory Access Protocol (LDAP). Among many popular applications available on the web, that offer SSO to users includes Google, Facebook, and Twitter.
SSO can also be extended to third-party services. For instance, some applications allow users to access their account using Facebook or Google’s authentication. But how is it abused? Let’s have a look.
SSO Abuse
The availability of Single sign-on is steadily increasing across various applications and this has led many hackers to misuse it. Malicious web pages have been reported to bluff users to be the sign-in pages of applications like Dropbox. When people enter their user credentials, the data is harvested, despite logging them into the intended application.
Before the popularity of Single sign-on, hackers used to create a separate page for each service to steal the user credentials. But with the advent of new techniques, they are able to create a single phishing page.
How Can You Protect Your Data From This Cyber Attack?
The best way to protect yourself from SSO phishing attacks is to enable two-factor authentication. A secondary authentication makes it difficult for hackers to access your account. In addition to this, it is not advisable to use SMS as the secondary authentication, as it is not as secure as other methods.
Neumetric, a cybersecurity services, consulting & product organization, can help you reduce your security cost without compromising your security posture. Our years of in-depth experience in handling security for organizations of all sizes & in multiple industries make it easier for us to quickly execute cost-cutting activities that do not bring value to you, while you continue focusing on the business objectives of the Organization.
