1. Home
  2. Initiatives
  3. Scam School
  4. MFA Fatigue

MFA Fatigue

Scam School video - MFA Fatigue

How the Scam Works

After obtaining your username and password, scammers relentlessly attempt to log in to your account creating annoyance to frustrate you. If you’re not aware of this scam, you may not realize that it is in fact someone trying to log in to your account. Scammers have been successful in annoying people to the point of accepting the multi-factor approval. Victims just want the alerts to stop and grant the access to the pop-up, giving scammers full access to their account. Once this happens, the scammers can gather info, and depending on the type of account they’ve logged into — can deploy malware, steal your money, or hold your account ransom.

How to Beat the Scam

If you get an influx of pop-ups you have to keep declining, that should be a red flag that someone is trying to get into your account. Regardless of how annoying, do not grant access. Scammers will eventually give up and move onto the next person.

A+ Tip

  • If you are getting the MFA alerts, it means that the scammer has your password and was able to get to the final step of the login process. Go in and change your password as soon as you can, and if you utilize that password in other places, change it there as well.

  • If you have a request to authenticate that comes in at a random time, maybe even overnight, this could still be someone trying to log in to your account, and you should change your password as soon as possible.