Citrix Systems, Inc.
Preventing phishing attempts of one-time passwords

Abstract:

A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to identify a first domain name associated with a website that served a login form to a web browser. The at least one processor is further configured to identify a one-time password (OTP) entry request served from the website in response to transmitting user credentials to the website. The at least one processor is further configured to identify a second domain name associated with an OTP server that provided an OTP. The at least one processor is further configured to perform a security action in response to determining that the first domain name differs from the second domain name. The security action may include blocking a response to the OTP request from the website, providing a warning, and/or obtaining confirmation for the response to the OTP entry request.