Cybercriminals are constantly finding new ways to bypass multi-factor authentication (MFA). Multi-factor authentication is a security measure that requires users to provide two or more pieces of information to verify their identity when logging in to an account.
One of the methods used by attackers is MFA prompt bombing which involves sending a user multiple MFA requests in a short period of time.
This can overwhelm the user and make them more likely to approve a request that they would not normally approve. For example a cybercriminal might purchase stolen credentials for an Uber employee. They would then use these credentials to try to log into the employee’s account. If the account is protected by MFA, the cybercriminal would start sending the employee multiple MFA requests.
The employee might be so overwhelmed by the number of requests that they would approve one of them without thinking. This would give the cybercriminal access to the account.
MFA prompt bombing is a serious threat, however, there are steps that organizations can take to protect their users. One important step is to limit the number of MFA requests that can be sent in a short period of time.
Organizations should also educate their users about MFA prompt bombing and how to avoid it. Users should be told to be suspicious of any unexpected MFA requests, and they should never approve a request if they are not sure who it is from.
Also, users should use risk-based authentication to identify and block suspicious login attempts. They should also implement a strong password policy that requires users to create unique and complex passwords.
Additionally, users are urged to use a password manager to help users manage their passwords securely.
The sources for this piece include an article in CPOMAGAZINE.