
MFA Fatigue

MFA fatigue, also known as “prompt bombing,” was found to be a common technique used to gain access during recent cyberattacks. The objective is to send the target’s phone a barrage of notifications asking for sign-in authorization, in the hope that the target will mistakenly think there is a problem with the MFA application. These notifications are designed to frustrate the target until they finally authorize a request just to stop receiving notifications. Once this occurs, the threat actor has access to everything the MFA application was designed to protect. The term MFA fatigue refers to a victim receiving an excessive number of prompts or notifications on their mobile device.

Tips to identify MFA Fatigue

1) The most crucial factor in preventing MFA Fatigue attacks is awareness and information. Your users will be less likely to fall prey to these attacks if they are aware that they exist.

2) When a person posing as a member of your IT team calls, emails, or messages you and asks you to accept MFA requests that they are sending you, confirm their identity with a colleague.

3) Be aware of notifications coming from a strange place, such as a request that originates in a different country or city from the one you’re in right now.

This method is only effective if the threat actor has already obtained the login information for the targeted account through a prior compromise, such as phishing or brute forcing.
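The barrage of prompts and the unusual request origin described above can also be looked for in MFA push logs. The following Python is an added example, not code from the original page or from BMC Networks; the log fields, sample events, home-country table, and thresholds (5 prompts within 10 minutes) are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample push-notification log: (time, user, result, country).
# The field names and values are illustrative, not from any real MFA product.
SAMPLE_EVENTS = [
    ("2024-05-01T02:10:00", "alice", "denied", "RO"),
    ("2024-05-01T02:10:40", "alice", "denied", "RO"),
    ("2024-05-01T02:11:15", "alice", "timeout", "RO"),
    ("2024-05-01T02:12:05", "alice", "denied", "RO"),
    ("2024-05-01T02:13:30", "alice", "timeout", "RO"),
    ("2024-05-01T02:14:10", "alice", "approved", "RO"),
    ("2024-05-01T09:00:00", "bob", "approved", "US"),
]
HOME_COUNTRY = {"alice": "US", "bob": "US"}  # assumed usual sign-in country

def detect_mfa_fatigue(events, home_country, window_minutes=10, max_prompts=5):
    """Return (time, user, reason) alerts for signs of prompt bombing."""
    window = timedelta(minutes=window_minutes)
    recent = defaultdict(deque)   # user -> prompt times inside the window
    in_burst = set()              # users already alerted for the current burst
    seen_places = set()           # (user, country) pairs already alerted
    alerts = []
    for ts, user, result, country in sorted(events):
        now = datetime.fromisoformat(ts)
        prompts = recent[user]
        prompts.append(now)
        while now - prompts[0] > window:
            prompts.popleft()
        if len(prompts) < max_prompts:
            in_burst.discard(user)
        elif result == "approved":
            # The dangerous case: an approval that ends a barrage.
            alerts.append((ts, user, "approved_after_burst"))
        elif user not in in_burst:
            in_burst.add(user)
            alerts.append((ts, user, "prompt_burst"))
        usual = home_country.get(user)
        if usual and country != usual and (user, country) not in seen_places:
            seen_places.add((user, country))
            alerts.append((ts, user, "unusual_location"))
    return alerts

if __name__ == "__main__":
    for alert in detect_mfa_fatigue(SAMPLE_EVENTS, HOME_COUNTRY):
        print(alert)
```

An "approved_after_burst" alert is the one to act on first, since it means a request was authorized at the end of a barrage.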

Reach out to BMC Networks and get the right information to protect your business.