Topics Map > Security
Topics Map > Microsoft 365 > Known Issues

MFA Fatigue

MFA fatigue has become a popular tactic used by scammers when trying to gain access to your account. By bombarding you with frequent requests, the scammer hopes to get you to authenticate for them.

Some common ways they do this include:

Lots of MFA requests coming one after another.
A few MFA requests each day for an extended period of time.
A person calls/texts you posing as a figure from a reputable institution that requests your MFA authentication as part of a company process.

Think you’ve been MFA spammed? If you receive any unsolicited MFA prompts, all calls, texts, and emails should be handled carefully to ensure no one gains access to your personal information. To make sure no one gains access to your account:

Turn off notifications for the authentication method being spammed.
Immediately change your password.
When logging into your account, use one of your backup methods to authenticate.
Access your security info in M365, and select Sign out everywhere.

Contact the UWM Help Desk to report the incident.

Keywords	mfa, mfa fatigue, mfa bombing, bombing, fatigue, how to, authentication requests, auth requests, Suggest keywords	Doc ID	79286
Owner	Help Desk K.	Group	UW-Milwaukee Help Desk
Created	2018-01-16 09:34:11	Updated	2023-06-28 12:13:59
Sites	UW-Milwaukee Help Desk
Feedback	0 0 Comment Suggest a new document