Clone Detection [CHK-1109]
Clone Detection is a feature of Attic Security that protects your organization against AiTM (Adversary-in-The-Middle) phishing attacks by adding a small tracker to your Microsoft 365 login page.
Rationale
AiTM attacks involve the creation of fake login pages that look identical to legitimate Microsoft 365 login pages. These attacks can bypass traditional security measures such as multi-factor authentication.
Fix
An automated fix is available through Attic. If Attic has write access to your Microsoft configuration, the fix will be suggested via an Attic ticket.
For manual steps: Contact your Attic operator to enable the Clone Detection feature for your environment. Note that it may take up to 24 hours for the feature to be fully activated.
Impact
Activating Clone Detection strengthens your defenses against AiTM phishing attacks by identifying and alerting on visits to malicious copies of your Microsoft login page.