Push Fatigue Attacks Succeed 5% of the Time, Surge in the Morning, Researchers FindMultifactor authentication is a must-have security defense for repelling outright credential stuffing and password spraying attacks. But no defense is foolproof. Attackers have been refining their tactics for bypassing MFA, including using technology and trickery.

    • Dud@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      5 months ago

      Mine can do push but it also requires a code to be inputted from wherever the log in point is. Sounds like either shoddy MFA or incredibly dense users.

  • laranis@lemmy.zip
    link
    fedilink
    English
    arrow-up
    1
    ·
    5 months ago

    I got one of these scam calls saying they were my bank and they saw suspicious activity on my account and just needed me to read back the numbers on the SMS message they were about to send me to confirm they reached the right person.

    Um, no. That’s not how that works. But I realized just about everyone in my less tech savvy family would have done it instantly. I called everyone I could think of and warned them never to do this but I have no idea if it really sank in.