MFA Bombing Is On The Rise

Multi-factor authentication (MFA) is an essential security measure in today’s world. By requiring a user to provide two or more distinct forms of identity verification to gain access to an account, network, or application, MFA adds layers of protection to online accounts and helps prevent unauthorized access, identity theft, and data breaches.


The latest assault on accounts with MFA protection is a brute force attack known as MFA Bombing. Cybercriminals flood a target’s phone, email or device with notifications trying to get them to confirm their identity, approve a login or change their password. The goal of MFA Bombing is to bully the target into confirming their identity and thus authenticate the hacker’s access to the account or device.


Starting with account credentials they have stolen or obtained from the Dark Web, criminals initiate a series of password-reset attempts that bombard the target with notifications to approve the login, change the password, etc. The aim of the perpetrator is to exhaust the target so they do whatever it takes to make the assault stop. Unfortunately, once MFA Bombing starts, a target has to wait it out.


MFA Bombing is a type of social engineering that relies on human error. The flood of notifications creates a manipulative urgency that may drive targets into taking action and revealing sensitive information.


If you find yourself a target of MFA Bombing, exercise extreme patience and vigilance.

Do not click “Allow” or “Don’t Allow” or any other quick fix that notifications offer. Some hackers place calls from bogus numbers labeled “Support” to deceive the target into giving up the credentials the hackers seek. Remember, no legitimate platform or account provider will ever initiate a support call.
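For the teams who run the sign-in service, the notification flood described above leaves a recognizable pattern in MFA logs. The following is an added example, not part of the original article: a sliding-window check that flags an account receiving many prompts in a short time, and flags it at higher severity when an approval arrives during the flood. The log layout, outcome names and thresholds are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events, one MFA prompt per line: "time user outcome".
# This layout is an assumption, not any MFA product's export format.
SAMPLE_LOG = """\
2024-05-01T23:10:00 bob denied
2024-05-01T23:10:40 bob denied
2024-05-01T23:11:30 bob timeout
2024-05-01T23:12:10 bob denied
2024-05-01T23:13:00 bob timeout
2024-05-01T23:14:20 bob approved
2024-05-02T02:00:00 carol denied
2024-05-02T02:01:00 carol denied
2024-05-02T02:02:00 carol timeout
2024-05-02T02:03:00 carol denied
2024-05-02T02:04:00 carol denied
2024-05-02T08:00:00 dave approved
2024-05-02T08:20:00 dave approved
2024-05-02T08:40:00 dave approved
2024-05-02T09:00:00 dave approved
2024-05-02T09:20:00 dave approved
"""

WINDOW = timedelta(minutes=10)  # assumed tuning value
THRESHOLD = 5                   # prompts inside WINDOW that count as a flood

def parse(log):
    """Yield (timestamp, user, outcome) tuples from the text log."""
    for line in log.strip().splitlines():
        ts, user, outcome = line.split()
        yield datetime.fromisoformat(ts), user, outcome

def detect(log, window=WINDOW, threshold=THRESHOLD):
    """Return {user: finding} for accounts that received a prompt flood."""
    recent = defaultdict(deque)  # user -> prompt times still inside the window
    alerts = {}
    for ts, user, outcome in sorted(parse(log)):
        q = recent[user]
        q.append(ts)
        while ts - q[0] > window:        # drop prompts older than the window
            q.popleft()
        if len(q) >= threshold:
            if outcome == "approved":    # the target gave in mid-flood
                alerts[user] = "approved_after_flood"
            else:
                alerts.setdefault(user, "flood")
    return alerts

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

An "approved_after_flood" finding is the case to treat as a likely account takeover; a plain "flood" finding means the password is probably already compromised and should be reset.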


