________
REMINDER – ONLY 1 day left for Cyber Summit Early Bird registration!
Save $10 per attendee at the 2024 Cyber Security Summit by registering before 6pm Aug 9!
Click here for details and to register!
________
MFA is not foolproof!
As with any security technology, MFA, or Multi-Factor Authentication, is not foolproof. All security controls are only as good as the people who use them.
One way bad actors can bypass MFA controls and gain access to your account is called MFA Fatigue or MFA spamming.
How does MFA Fatigue work?
MFA Fatigue happens when a bad guy tries accessing your account, which sends an MFA prompt to your phone. The bad actor then does this over and over, effectively spamming your phone with MFA prompts. If your MFA solution is set to allow a click to confirm authorization, a user could accidentally click on the authorization, or become so tired of the constant notifications, they click to get rid of them.
That’s all it takes for a bad guy to bypass your MFA and gain access.
What do we do?
As always, be aware of the technology you are using and how it works.
If you didn’t attempt to login, DON’T click to allow access on your phone!
Also, if possible, set up your MFA to require a pin or code to enter to authorize your login.
As always, NGT is here to help!
Contact ngthelp.com with questions.