In 2022, phishing scams continued to hook into consumers and enterprise accounts. In fact, recent research from EMA revealed that 87% of surveyed businesses indicate that their organization experienced an identity-related security breach in the preceding 12 months. Many successes of the sophisticated phishing scams were due to legacy MFA implementations such as SMS, mobile auth, and OTP which aren’t phishing-resistant or equipped to stop these types of attacks.
Phishing-resistant MFA is multi-factor authentication (MFA) that is immune from attempts to compromise or subvert the authentication process, commonly achieved through phishing attacks, which includes but is not limited to spear phishing, brute force attacks, man-in-the-middle attacks, replay attacks and credential stuffing. Phishing resistance within an authentication mechanism is achieved by not only requiring that each party provide proof of their identity but also intent through deliberate action. MFA can be phishing-resistant via a FIDO authenticator such as the YubiKey, and also provide a smooth user experience.
YubiKeys have continued to help calm the seas, preventing phishing attempts against individuals, enterprises, election campaigns, critical infrastructure in Ukraine, and beyond. Yubico is proud to have donated tens of thousands of YubiKeys to more than 85 organizations through our Secure it Forward program – ensuring journalists, human rights organizations, and those working to further diversity in tech were protected by security keys. And we’re truly honored that we were named a winner of the Inc. Best in Business 2022 specifically for this program.
We continue to be grateful for the opportunity to make a difference in the world of internet security. As we wrap up 2022, we wanted to take a moment to look back at what the year brought us in cybersecurity, and provide a sneak peak into what companies can do to prepare for 2023.
We wish you a peaceful remainder of the year and look forward to being able to continue our mission of making the internet more secure for everyone.
