Multi-Factor Authentication (MFA) is an essential security measure that adds layers of verification to ensure a user’s identity. While it significantly enhances protection, cyber-criminals continually seek ways to circumvent it. One emerging tactic, known as “MFA Fatigue,” has successfully compromised accounts at major companies like Uber and Microsoft. Let’s explore how this attack functions and what defensive strategies can be implemented by our Fordham community.
MFA fatigue attacks aim to exhaust users. Hackers gain access to your account credentials (username and passwords) and then bombard you with a barrage of login attempts, generating a relentless stream of sign-in notifications. Out of frustration, you might eventually approve one of these malicious requests, inadvertently granting attackers access to the Fordham network.
So, how can you safeguard yourself? Organizations should limit the number of MFA requests their systems allow, implementing a threshold that blocks further attempts after a certain point. Additionally, using strong, unique passwords is crucial, as MFA fatigue exploits stolen credentials. A password manager can help generate and securely store these passwords. Finally, staying informed is vital: understand the risks, recognize unexpected MFA requests (usually coming in at odd hours of the day), and don’t hesitate to reach out to Fordham’s IT Help Desk if anything seems “phishy”.
Trending
- Google Groups Vulnerability
- What are the emerging cyber threats? – A focus on Ransomware
- Scholarships for Future Cyber Professionals
- Interdisciplinary Cyber: Why Cybersecurity Careers aren’t just for the Computer Wiz’s
- What is MFA Fatigue?
- Cybersecurity Awareness Month is Here
- ChatGPT Outage
- We Listened! Upcoming Changes to Cyber Security Awareness Training!