Multi-factor authentication (MFA) protects against online account abuse, but as cyberattacks continue to grow in sophistication, hackers have found ways around it. A recent Akamai Security blog post, Massive Campaign Targeting UK Banks Bypassing 2FA , written by my colleague Or Katz, is a great insight into how attackers used very simple techniques to bypass two-factor authentication (2FA) security to obtain access to U.K. consumers' bank accounts. \r\n The attack started with an SMS message to the victim's phone saying that there was suspicious activity on their account; for example, a suspicious payee had been added or there had been a suspicious transaction on their account. The SMS linked to a fake bank login page that allowed the attacker to grab the victim's username and password, which the attacker used to log in to the legitimate login page. That login sent a genuine one-time password (OTP) to the victim's phone.…