Not Fooling Anyone: Fake Decoys, MFA Reset Gaps & Remote Metadata Risks
Decoy Accounts Aren’t Fooling Smart Recon Bots
Attackers are running AI-driven scans that identify decoy accounts by lack of social proof, login activity, or data engagement—rendering static honeypots ineffective.
Rotate decoys dynamically. Add realistic behaviors (email traffic, role-based access) and monitor for targeted interaction, not just login attempts.
Internal Link Shorteners Are Creating Blind Spots
Custom tools like go/short or branded redirectors often bypass link scanning and SIEM visibility—making them useful for internal phishing or lateral movement.
Log all redirects. Require SSO for internal link creation and flag links that point outside of your corporate domain space.
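One way to implement the "flag links that point outside of your corporate domain space" check over a redirector's log, as an added example that is not from the original post. The JSON log format, its field names (`user`, `slug`, `target`) and the domains in `CORPORATE_DOMAINS` are assumptions made for illustration.

```python
import json
from urllib.parse import urlsplit

# Assumption: placeholder domains standing in for the corporate domain space.
CORPORATE_DOMAINS = ("corp.example", "corp-cdn.example")

def classify_target(url, corporate_domains=CORPORATE_DOMAINS):
    """Return None for an in-scope target, otherwise a short reason string."""
    if "\\" in url:
        # Browsers read "\" as "/" in http(s) URLs but urlsplit does not: flag it.
        return "backslash-in-url"
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # lowercased, without userinfo or port
    except ValueError:
        return "unparseable-url"
    if parts.scheme not in ("http", "https"):
        return "non-http-scheme"
    if not host:
        return "missing-host"
    host = host.rstrip(".")  # "corp.example." is the same name
    for domain in corporate_domains:
        # Exact or true-subdomain match; bare endswith() accepts "notcorp.example".
        if host == domain or host.endswith("." + domain):
            return None
    return "external-host:" + host

def flag_external_redirects(log_lines, corporate_domains=CORPORATE_DOMAINS):
    """Return (record, reason) pairs for redirects that leave corporate space."""
    flagged = []
    for line in log_lines:
        try:
            record = json.loads(line)
            reason = classify_target(record["target"], corporate_domains)
        except (ValueError, KeyError, TypeError, AttributeError):
            record, reason = {"raw": line}, "unparseable-log-line"
        if reason:
            flagged.append((record, reason))
    return flagged

# Constructed sample log: one JSON object per short link created.
SAMPLE_LOG = [
    '{"user": "alice", "slug": "wiki", "target": "https://wiki.corp.example/home"}',
    '{"user": "bob", "slug": "payroll", "target": "https://corp.example.login-portal.test/sso"}',
    '{"user": "carol", "slug": "benefits", "target": "https://corp.example@files.test/form"}',
    '{"user": "dave", "slug": "docs", "target": "https://notcorp.example/docs"}',
    'not a json line',
]
```

Calling `flag_external_redirects(SAMPLE_LOG)` returns every entry except the first; the results can be forwarded to the SIEM alongside the raw redirect log.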
Browser Notification APIs Are Being Abused for Persistence
Phishing kits and rogue extensions use browser push notifications to simulate auth prompts, fake app updates, or silent data collection—especially post-login.
Block notification access for non-whitelisted apps. Warn users on persistent notification attempts from inactive tabs or expired sessions.
Legacy Finance Tools Are Still Running Without SSO
Critical accounting and finance platforms often operate outside SSO protections—due to licensing, compliance audits, or vendor limitations.
Map all tools to identity providers. Sunset non-SSO platforms or front them with reverse proxy MFA enforcement.
Smart Home Devices in Remote Offices Are Collecting Metadata
Execs working from home may have smart doorbells, TVs, or assistants that log Wi-Fi activity, motion, and voice—leaking behavioral patterns through cloud integrations.
Segment home office devices on guest networks. Disable default cloud sync and anonymize network names when possible.
Help Desk Workflows Are Being Subverted to Reset MFA
Attackers impersonate employees via call or chat, referencing public LinkedIn info, to request MFA resets—exploiting empathy and urgency.
Require callback verification. Create high-friction reset flows and review all MFA resets manually for privileged roles.


