General
Clone Detection is a feature of Attic Security as part of login protection. It protects your organization against AiTM (Adversary-in-The-Middle) phishing attacks. It adds a small tracker to the styling of your Microsoft 365 login page that enables Attic to detect when an employee visits a malicious copy of your legitimate Microsoft login page.
The feature is part of a broader set that together form Login Protection. Read the overarching story here: Attic Login Protection.
Rationale
AiTM attacks are advanced phishing techniques where attackers create fake login pages that look identical to legitimate Microsoft 365 login pages. These attacks are especially dangerous because they can bypass traditional security measures such as multi-factor authentication.
Attic Fix
For this check, an automated FIX is available! If Attic has write access to your Microsoft configuration, the fix will be suggested via an Attic ticket.
Manual instruction
The manual installation of Login Protection in the Microsoft 365 configuration is described in a separate article: Setup Guide.
Comments
0 comments
Please sign in to leave a comment.