As growing numbers of organizations shore up their IT security by deploying multi-factor authentication, the technology is becoming an increasing target for cybercriminals.
No longer able to gain access to IT infrastructures simply by stealing passwords and identity credentials, the criminals now need to overcome the requirement to have additional authentication factors.
To succeed in this aim, cybercriminals are increasingly undertaking so-called ‘MFA fatigue’ attacks. These attacks take advantage of the ‘push prompts’ to mobile devices that are used by many MFA platforms.