MFA fatigue has become a popular tactic used by scammers when trying to gain access to your account. By bombarding you with frequent requests, the scammer hopes to get you to authenticate for them.
Some common ways they do this include:
- Lots of MFA requests coming one after another.
- A few MFA requests each day for an extended period of time.
- A person calls/texts you posing as a figure from a reputable institution that requests your MFA authentication as part of a company process.
Think you’ve been MFA spammed? If you receive any unsolicited MFA prompts, all calls, texts, and emails should be handled carefully to ensure no one gains access to your personal information. To make sure no one gains access to your account:
- Turn off notifications for the authentication method being spammed.
- Immediately change your password.
- When logging into your account, use one of your backup methods to authenticate.
- Access your security info in M365, and select Sign out everywhere.
- Contact the UWM Help Desk to report the incident.