Today I witnessed a demo of how a phishing attack can capture the MFA tokens from a phishing site masquerading as an actual site and produce an account compromise. The attacker can steal the MFA creds and log into your session on O365 or others. The only way to prevent this is to detect & block additional sessions once an actual session is established. Again, I see that LastPass itself does this, but I am referring to ALL the sites users use.
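The detection idea in the post above (flag a second client that starts using a session after the real one is established), sketched as an added example that is not part of the original post. The event fields, the 300-second window and the sample events are assumptions constructed for illustration; a real service would feed this from its own session or sign-in logs.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Event:
    ts: int          # seconds since epoch (constructed values)
    user: str
    session_id: str  # identifier of the session token, as logged by the service
    ip: str
    user_agent: str

# Constructed sample events, not taken from any real log.
EVENTS = [
    Event(1000, "alice", "s-111", "198.51.100.7", "Firefox/126"),
    Event(1060, "alice", "s-111", "198.51.100.7", "Firefox/126"),
    Event(1090, "alice", "s-111", "203.0.113.50", "python-requests/2.31"),
    Event(1100, "bob",   "s-222", "192.0.2.10",   "Chrome/125"),
    Event(5000, "bob",   "s-222", "192.0.2.99",   "Chrome/125"),
    Event(1200, "carol", "s-333", "192.0.2.44",   "Safari/17"),
]

def find_replayed_sessions(events, window=300):
    """Map session_id -> (original_client, second_client) when the same session
    token is used by a different (ip, user_agent) within `window` seconds of
    activity from the client that established the session."""
    established = {}  # session_id -> (ip, user_agent) of the first event
    last_seen = {}    # session_id -> ts of latest event from the original client
    flagged = {}
    for ev in sorted(events, key=lambda e: e.ts):
        client = (ev.ip, ev.user_agent)
        if ev.session_id not in established:
            established[ev.session_id] = client
            last_seen[ev.session_id] = ev.ts
        elif client == established[ev.session_id]:
            last_seen[ev.session_id] = ev.ts
        elif ev.ts - last_seen[ev.session_id] <= window:
            # Original client was active moments ago: two clients share one token.
            flagged.setdefault(ev.session_id, (established[ev.session_id], client))
    return flagged

def sessions_to_revoke(events, window=300):
    """Session ids that should be invalidated, forcing re-authentication."""
    return sorted(find_replayed_sessions(events, window))

if __name__ == "__main__":
    print(sessions_to_revoke(EVENTS))
```

The window keeps an ordinary network change long after the last activity (bob's session) from being treated the same as two clients using one token at once (alice's session).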