Security Alerts

  • Home
  • Security Alerts

MFA Fatigue attacks are putting your organization at risk

The rapid advancement of technology in all industries has led to the threat of ever-increasing cyberattacks that target businesses, governments, and individuals alike. A common threat targeting businesses is MFA fatigue attacks—a technique where a cybercriminal attempts to gain access to a corporate network by bombarding a user with MFA prompts until they finally accept one. MFA refers to multi-factor authentication, a layered end-user verification strategy to secure data and applications. For a user to log in, an MFA system needs them to submit various combinations of two or more credentials. Using MFA Fatigue attacks, cybercriminals bombard their victims with repeated 2FA (two-factor authentication) push notifications to trick them into authenticating their login attempts to increase their chances of gaining access to sensitive information. This attempt can be successful, especially when the target victim is distracted or overwhelmed by the notifications or misinterprets them with legitimate authentication requests.