Multi-Factor Authentication (MFA) Bombing - What You Need to Know


Multi-Factor Bombing

Multi-Factor Authentication (MFA) bombing, also known as "MFA fatigue", is when a cybercriminal repeatedly sends MFA requests to a victim’s registered device. The goal is to overwhelm the victim with notifications, hoping they will approve one out of frustration or confusion, granting the attacker access to their account.

Typically, attackers obtain stolen credentials through phishing, credential stuffing, or purchasing them on the dark web. Once they have the login details, they attempt to sign in to the victim’s account, triggering the MFA push notifications. These notifications can be received via email, text message, or authentication apps like Duo.

Some attackers will impersonate tech support; they will call the victim and pretend to help resolve an issue while tricking them into approving the login.

What Should You Do If This Happens To You?
  • Authentication calls from Duo will only come from (603) 646-2999.
  • Dartmouth staff will never ask for your password or Duo passcodes.
  • Don’t approve any Duo requests that you did not initiate.
  • When possible, use the Duo Mobile App.
  • Report fraudulent Duo calls to Client Technology and Consulting (help desk) IMMEDIATELY at 603-646-2999.
More Information on MFA Bombing