Push Fatigue Attacks Succeed 5% of the Time, Surge in the Morning, Researchers FindMultifactor authentication is a must-have security defense for repelling outright credential stuffing and password spraying attacks. But no defense is foolproof. Attackers have been refining their tactics for bypassing MFA, including using technology and trickery.

  • @Eheran
    link
    English
    35 months ago

    Why would my MFA app be able to push something? I open it when I need it.

    • @Dud
      link
      English
      2
      edit-2
      5 months ago

      Mine can do push but it also requires a code to be inputted from wherever the log in point is. Sounds like either shoddy MFA or incredibly dense users.

  • @[email protected]
    link
    fedilink
    English
    15 months ago

    I got one of these scam calls saying they were my bank and they saw suspicious activity on my account and just needed me to read back the numbers on the SMS message they were about to send me to confirm they reached the right person.

    Um, no. That’s not how that works. But I realized just about everyone in my less tech savvy family would have done it instantly. I called everyone I could think of and warned them never to do this but I have no idea if it really sank in.