Monday, April 8, 2024

MULTI-FACTOR AUTHENTICATION - Beware of MFA Fatigue Attacks

While Multi-Factor Authentication (MFA) has become a premier tool to protect your accounts from being hacked by a cybercriminal, hackers are trying to find ways to overcome its benefits and use it to enter your accounts.

One typical attack is for a cybercriminal to obtain the ID and password for one of your accounts and then try to sign in. If the account is set up with MFA, it will send a code or ask for confirmation before opening the account. If you do not approve the login, the cybercriminal will keep trying to log in, hoping that you will become annoyed or “fatigued” enough to give up and allow the login to continue.

Krebs on Security reports that it has received reports of criminals using this technique with a twist against Apple customers. The cybercriminals will try the classic MFA fatigue attack. But if their victim doesn’t approve a login, they will call the victim up claiming to be from Apple support. They tell the victim that they are under attack and that Apple support needs to “verify” a one-time code. Of course, the code is the standard MFA notification with a code to enter or a selection to approve or disapprove logging in.

The attack on Apple systems may take advantage of bugs unique to Apple. Krebs on Security observes that changing your account phone number to a VoIP phone number might help. Using an email alias could also help. See the Krebs on Security article below for details.

If you receive a notice to approve a login and you are not logging into your account, then obviously you should deny the request. Someone you do not want in your account is trying to get in. If the notifications are persistent and numerous, then after the attack subsides (assuming that it does stop) change the password on your account to another strong password. Changing your password should prevent someone with your old password from trying to log in in the near future.
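For anyone who administers accounts, the pattern described above (many prompts the user rejects or ignores, sometimes ending in one approval) can be spotted in MFA logs. The following is an added example, not part of the original post; the event format, the 10-minute window and the threshold of 5 are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (assumed format): ISO time, account, prompt result.
SAMPLE_EVENTS = [
    ("2024-04-08T09:00:05", "alice", "denied"),
    ("2024-04-08T09:01:10", "alice", "timeout"),
    ("2024-04-08T09:02:00", "alice", "denied"),
    ("2024-04-08T09:03:30", "alice", "denied"),
    ("2024-04-08T09:04:45", "alice", "timeout"),
    ("2024-04-08T09:06:00", "alice", "denied"),
    ("2024-04-08T09:07:15", "alice", "approved"),   # gave in after the burst
    ("2024-04-08T08:00:00", "bob", "denied"),       # one stray prompt, not a burst
    ("2024-04-08T08:01:00", "bob", "approved"),
    ("2024-04-08T14:00:00", "carol", "denied"),
    ("2024-04-08T14:01:00", "carol", "denied"),
    ("2024-04-08T14:02:00", "carol", "denied"),
    ("2024-04-08T14:03:00", "carol", "denied"),
    ("2024-04-08T14:04:00", "carol", "denied"),
]

WINDOW = timedelta(minutes=10)  # assumed burst window
THRESHOLD = 5                   # assumed count of rejected or ignored prompts

def find_fatigue_bursts(events, window=WINDOW, threshold=THRESHOLD):
    """Map account -> {"prompts", "approved_after_burst"} for accounts with
    `threshold` or more denied/ignored prompts inside one `window`."""
    by_account = defaultdict(list)
    for ts, account, result in events:
        by_account[account].append((datetime.fromisoformat(ts), result))
    findings = {}
    for account, rows in by_account.items():
        rows.sort()
        unapproved = [t for t, r in rows if r in ("denied", "timeout")]
        start = 0
        for end, burst_end in enumerate(unapproved):
            while burst_end - unapproved[start] > window:
                start += 1                      # slide the window forward
            count = end - start + 1
            if count < threshold:
                continue
            # An approval shortly after a burst is the most urgent case.
            approved = any(r == "approved" and burst_end < t <= burst_end + window
                           for t, r in rows)
            prev = findings.get(account, {"prompts": 0, "approved_after_burst": False})
            findings[account] = {
                "prompts": max(prev["prompts"], count),
                "approved_after_burst": prev["approved_after_burst"] or approved,
            }
    return findings

if __name__ == "__main__":
    print(find_fatigue_bursts(SAMPLE_EVENTS))
```

An account flagged with an approval after the burst should be treated as possibly compromised: end its sessions and reset the password rather than waiting for the user to report it.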

 

Krebs on Security:

https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/

National Cybersecurity Alliance:

https://staysafeonline.org/resources/multi-factor-authentication/

Wikipedia:

https://en.wikipedia.org/wiki/Multi-factor_authentication_fatigue_attack
