The Fight Against MFA Fatigue Attacks

By
1 Minute Read

Earlier this week, Microsoft will began enforcing number matching for the Microsoft Authenticator Two-Factor Authentication alerts. 

Why is this being done?

Cybercriminals are targeting individuals by sending a plethora of push notifications prompting the user to approve a sign in to their corporate account. Users all over are falling victim to these attacks both mistakenly and in attempts to stop these notifications. In efforts to avoid Multi-Factor Authentication spam attacks, Microsoft has started enforcing number matching in Microsoft Authentication notifications. 

This new security feature was created in attempts to block something called "MFA fatigue attack" attempts. Number matching will serve as an upgraded security method from traditional MFA. 

What does this mean for you?

You will begin being prompted for number matching on Microsoft Authenticator Two-Factor Authentication alerts. The prompt will resemble the image below. 

Number Matching

(Image Source: Bleeping Computer)

Although Number Matching is a step up in security, hackers are constantly looking for new ways to "get in". Always stay alert, think before you click or login and stay updated on phishing scams to be aware of.