The CEO scam: The hacker impersonates the person heading up the company and requests a transfer or bank credentials for an urgent financial transaction.
The technical department: This sees the “IT Department” contacting you on some pretext (an email problem, an update, etc.). This circumvents two-factor authentication. The hacker will send out a sign-in request and ask the victim to enter their code.
Vishing: A phone call from “the bank” or “a partner” will ask you to enter your two-factor authentication code. Your adviser’s number is displayed and so of course you do as you are told. Phone number spoofing is becoming increasingly common and can target anyone on a day-to-day basis.