The benefits of multi-factor authentication (MFA) in protecting networks from identity-related attacks are well known. Even so, many organizations and individuals still experience MFA Prompt Bombing, which helps attackers infiltrate and access accounts.
In this blog, we explain what MFA Prompt Bombing is and what you can do to stay protected.
In an MFA Prompt Bombing attack, a cyber thief or hacker gets hold of the login credentials for an account protected by multi-factor authentication (MFA). The legitimate user is then bombarded with multiple authentication requests in the hope that MFA fatigue kicks in. The primary purpose of MFA Prompt Bombing is to get the legitimate user to approve one of the requests, accidentally or out of frustration, just to get rid of the annoying notifications. Once that happens, the cyber thief or hacker gets complete access to the compromised account.
To stay protected, never approve an MFA prompt that you did not initiate. If you believe the security of your account has been compromised, you should immediately inform your IT team and ensure that the highest standards of data privacy and security are maintained at all times.
It is also recommended that your organization configure the log analytics wizard in Azure Active Directory to identify which methods and device types are generating the most prompts. The next step is to identify the operating systems that generate the most MFA prompts. This will show you whether any users appear under the “Risky Sign-In” section on the Azure admin page, whether one or more accounts are under attack, or whether something malicious is happening right under your nose.
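The kind of review described above can be sketched as a small detection routine. This is an added example, not code from the original post or from Microsoft: it runs over constructed sign-in records, and the record layout, the 10-minute window and the threshold of five prompts are all assumptions to tune for your own exported logs.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in records: (user, time, operating system, MFA method, result).
# The tuple layout is an assumption for this example, not the Azure AD log schema.
SAMPLE_SIGNINS = [
    ("alice@example.com", "2024-01-10T09:00:00", "Windows", "push", "approved"),
    ("bob@example.com", "2024-01-10T02:00:00", "Android", "push", "denied"),
    ("bob@example.com", "2024-01-10T02:01:10", "Android", "push", "denied"),
    ("bob@example.com", "2024-01-10T02:02:30", "Android", "push", "timeout"),
    ("bob@example.com", "2024-01-10T02:03:15", "Android", "push", "denied"),
    ("bob@example.com", "2024-01-10T02:04:40", "Android", "push", "approved"),
    ("carol@example.com", "2024-01-10T08:00:00", "iOS", "push", "approved"),
    ("carol@example.com", "2024-01-10T13:00:00", "iOS", "sms", "approved"),
]


def find_prompt_bursts(records, window=timedelta(minutes=10), threshold=5):
    """Flag users who received at least `threshold` MFA prompts within `window`."""
    by_user = defaultdict(list)
    for user, ts, os_name, method, result in records:
        by_user[user].append((datetime.fromisoformat(ts), os_name, method, result))

    flagged = {}
    for user, events in by_user.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            burst = events[start:end + 1]
            if len(burst) < threshold:
                continue
            if user in flagged and flagged[user]["prompts"] >= len(burst):
                continue
            results = [e[3] for e in burst]
            flagged[user] = {
                "prompts": len(burst),
                "top_os": Counter(e[1] for e in burst).most_common(1)[0][0],
                "top_method": Counter(e[2] for e in burst).most_common(1)[0][0],
                # Rejected or ignored prompts ending in an approval is the fatigue pattern.
                "approved_after_rejections": results[-1] == "approved"
                and any(r != "approved" for r in results[:-1]),
            }
    return flagged


if __name__ == "__main__":
    for user, info in find_prompt_bursts(SAMPLE_SIGNINS).items():
        print(user, info)
```

An account flagged with `approved_after_rejections` set deserves immediate follow-up with the user, since the approval may not have been theirs.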
At C.I.G Consultants, we are dedicated to helping your organization stay protected against new and rising cyber threats. Our team of Dynamics 365 security experts would be more than happy to help you set up MFA properly and avoid threats such as MFA prompt bombing.