UM Today, University of Manitoba
News from
Information Services and Technology

Bugged, Bothered and Bewildered

The Rise in MFA Fatigue Attacks

October 4, 2024

Cybersecurity experts are warning of a new wave of cyberattacks from threat actors targeting multi-factor authentication (MFA) systems, known as MFA fatigue attacks. These attacks, also referred to as MFA bombing or spamming, are designed to exploit the very systems meant to protect users from unauthorized access. 

What Are MFA Fatigue Attacks? 

MFA fatigue attacks involve cybercriminals sending a barrage of authentication requests to a user’s device. The goal is to overwhelm the user with notifications, leading them to inadvertently approve one of the requests. This approval grants the attacker access to the user’s account, bypassing the security provided by MFA. 

How Do These Attacks Work? 

Typically, attackers first acquire the victim’s login credentials through phishing or other social engineering tactics. Once they have these credentials, they initiate a flood of MFA requests to the user’s email, phone, or registered devices. The constant stream of notifications is meant to cause confusion and frustration, increasing the likelihood that the victim will approve one of the requests. 
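On the defender's side, the flood described above shows up in authentication logs as a burst of denied or unanswered push prompts for one account, sometimes ending in an approval. The following is an added example, not code from the University of Manitoba or any MFA vendor; the event format, result values, window and threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real logs): timestamp, user, MFA push result.
SAMPLE_EVENTS = [
    ("2024-10-04T09:00:05", "alice", "denied"),
    ("2024-10-04T09:00:40", "alice", "timeout"),
    ("2024-10-04T09:01:10", "alice", "denied"),
    ("2024-10-04T09:01:45", "alice", "timeout"),
    ("2024-10-04T09:02:20", "alice", "denied"),
    ("2024-10-04T09:03:00", "alice", "approved"),
    ("2024-10-04T09:10:00", "bob", "approved"),
    ("2024-10-04T13:30:00", "bob", "timeout"),
    ("2024-10-04T13:30:30", "bob", "approved"),
]

def detect_push_floods(events, window=timedelta(minutes=10), threshold=5):
    """Return (user, timestamp, kind) alerts for bursts of unapproved pushes.

    kind is "flood" when the count of denied/timed-out prompts inside the
    window reaches the threshold, and "approved_after_flood" when an approval
    arrives while such a burst is still inside the window.
    """
    recent = defaultdict(deque)  # user -> timestamps of denied/timed-out pushes
    alerts = []
    for ts_text, user, result in sorted(events):
        ts = datetime.fromisoformat(ts_text)
        q = recent[user]
        while q and ts - q[0] > window:  # drop prompts older than the window
            q.popleft()
        if result in ("denied", "timeout"):
            q.append(ts)
            if len(q) == threshold:  # alert when the count reaches the threshold
                alerts.append((user, ts_text, "flood"))
        elif result == "approved":
            if len(q) >= threshold:  # approval on the heels of a burst
                alerts.append((user, ts_text, "approved_after_flood"))
            q.clear()  # a successful sign-in resets the count
    return alerts

if __name__ == "__main__":
    for alert in detect_push_floods(SAMPLE_EVENTS):
        print(alert)
```

An "approved_after_flood" alert is the case that matters most: it is the point at which the account should be treated as compromised and its sessions and password reset.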

What do I do if I receive multiple unfamiliar push notifications? 

If you believe you are being targeted in an MFA fatigue/spam attack and you are bombarded with MFA push notifications, do not panic, do not approve the MFA request and do not engage with unfamiliar individuals claiming to be from the university. Instead, contact the IST Service Desk and explain that you believe your account has been compromised and is under attack.  

You should also change the password for your account, if possible, to prevent the hacker from continuing to log in and generate further MFA push notifications. Once your password has been changed, the threat actor will no longer be able to issue MFA spam, giving the Information Security and Compliance team some time to investigate. 

For more information on how to protect your accounts, visit Information Security and Compliance or contact the IST Service Desk. 
