TechFlow News, March 5: According to a Cointelegraph report, Microsoft, Coinbase, and Europol have successfully dismantled the core infrastructure of Tycoon 2FA—one of the world’s largest phishing-as-a-service platforms. This platform specialized in tools designed to bypass multi-factor authentication (MFA), carrying out attacks by spoofing login pages and stealing session tokens.
Microsoft has blocked 330 domains associated with the platform, while Coinbase assisted in identifying the platform’s administrators through blockchain transaction tracking. Reports indicate that Tycoon 2FA accounted for 62% of all phishing attempts blocked by Microsoft in mid-2025, sending over 30 million phishing emails in a single month and impacting multiple sectors—including healthcare and education—resulting in severe consequences such as data breaches and financial theft.
Blockchain security firm Certik previously noted that phishing scams ranked as the second-largest threat in 2025, causing $722 million in losses for cryptocurrency investors.
