#40
October 25, 2021
EP40 2021: Phishing is Solved?
Guests:
- Elie Bursztein, security, anti-abuse and privacy researcher @ Google
- Kurt Thomas, security, anti-abuse and privacy researcher @ Google
Topics covered:
- Can we say that “Multi-Factor Authentication (MFA) - if done well - fixes phishing for good” or is this too much to promise?
- What are the realistic and seen-in-the-wild bypasses for MFA as a protection?
- How do you think these controls fare vs top tier attackers (clearly, they work vs commodity threats)?
- What do we know about burden vs value of MFA today?
- What can we realistically do to increase MFA/2FA adoption to the 90%s?
- Can we share anything about what we’re seeing as industry benchmarks on MFA adoption so far?
- We’ve seen a lot of ugly debates over the value of SMS as MFA, what is your research-based take on this?
View more episodes