You may have heard of multi-factor authentication, also referred to as MFA. This security measure provides additional protection to fortify your accounts, devices, data, and systems. It’s important to prioritize your online security, as a breach could have consequences like identity or financial theft and business disruption.
What Is MFA?
MFA is a multi-step login process. When you log into an account online, you typically must enter a username and password. MFA adds an additional step, requiring what’s known as “authentication factors.” These can include:
• Something you know: a password or PIN
• Something that you have: a smartphone, smart card, or secure USB key
• Something that you are: your fingerprint, retinal scan, or facial scan
Enabling MFA can help prevent a breach, even if an attacker already has your username and password. However, MFA does not guarantee protection.
What Are MFA Bypass Attacks?
Cybercriminals are always looking for ways to reach valuable data. MFA bypass attacks circumvent multi-factor authentication rather than breaking it outright. The most common forms of an MFA bypass attack include:
• MFA fatigue attacks - An attacker who already holds your password triggers a high volume of authentication requests, spamming you with push notifications. The goal is to wear you down until you approve a request by accident, or simply to make the prompts stop.
• Token theft - One example is a “pass-the-cookie” attack, in which the attacker steals a browser session cookie issued after a successful login and reuses it, so the service never asks for a second factor.
• Adversary-in-the-Middle (AitM) attacks - A newer breed of phishing software places itself between you and the real login page. Attackers use these tools to hijack browser sessions and capture credentials or session cookies in real time.
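The MFA fatigue pattern above is visible in authentication logs as a burst of denied or unanswered push prompts for one user, sometimes followed by an approval. The following detection sketch is an added example, not part of the original article; the log format, field names and thresholds are assumptions, and the sample lines are constructed.

```python
from collections import deque
from datetime import datetime, timedelta

# Constructed sample of MFA push events (assumed format, not from a real system):
# "<ISO timestamp> <user> <result>" where result is denied, timeout or approved.
SAMPLE_LOG = """\
2024-03-01T08:00:05Z alice denied
2024-03-01T08:00:41Z alice denied
2024-03-01T08:01:20Z alice timeout
2024-03-01T08:01:55Z alice denied
2024-03-01T08:02:30Z alice denied
2024-03-01T08:03:02Z alice approved
2024-03-01T08:10:00Z bob approved
2024-03-01T08:30:00Z bob denied
"""

def parse_log(text):
    """Turn the constructed log text into (timestamp, user, result) tuples."""
    events = []
    for line in text.splitlines():
        ts, user, result = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, result))
    return events

def detect_push_fatigue(events, window=timedelta(minutes=10), threshold=4):
    """Flag users with `threshold` or more denied/unanswered pushes inside a
    sliding `window`. An approval that lands while such a burst is still in
    the window is reported separately: that is the outcome a fatigue attack
    is after, and it is the case a helpdesk should look at first."""
    alerts = {}
    recent = {}  # user -> deque of timestamps of denied/timeout pushes
    for ts, user, result in sorted(events):
        q = recent.setdefault(user, deque())
        while q and ts - q[0] > window:  # drop pushes that fell out of the window
            q.popleft()
        if result in ("denied", "timeout"):
            q.append(ts)
            if len(q) >= threshold:
                alerts[user] = {"status": "burst", "unanswered": len(q)}
        elif result == "approved" and len(q) >= threshold:
            alerts[user] = {"status": "approved_after_burst", "unanswered": len(q)}
    return alerts

if __name__ == "__main__":
    for user, info in detect_push_fatigue(parse_log(SAMPLE_LOG)).items():
        print(f"{user}: {info['status']} after {info['unanswered']} unanswered pushes")
```

On the constructed sample this reports alice as "approved_after_burst" with 5 unanswered pushes, while bob's single denial an hour apart from his approval produces no alert.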
How To Avoid MFA Bypass Attacks
The most effective prevention is using strong, unique passwords for all your accounts. If you find yourself being the target of an MFA fatigue attack, you should change your password. Token theft and AitM attacks rely on you visiting a malicious login portal so the attacker can capture your MFA tokens. If you receive a suspicious email, or land on a potentially risky site and aren't sure about its legitimacy, the best thing to do is stop and report the incident to the IT Helpdesk. Our staff can investigate potentially malicious login websites and emails.