Cybersecurity Is an Absolute Necessity: Beware the MFA Prompt Bomb!

May 7, 2024   |   Written By Lexicon Bank

Nowadays, modern banking has to vigilantly protect you and your accounts from more innovative and increasingly relentless cyberattacks. Domestic and international criminals are constantly evolving. They use automation, artificial intelligence, and a devious nature to rapidly change their attacks, move faster, and strike from more places at once than ever before.


Top-Notch Banks Thwart Criminal Activity.

Did you know that top-notch banks and security companies are always on their toes, constantly reviewing and improving their counter strategies and tactics? It’s fascinating how they stay ahead of the game. We employ cybersecurity specialists who run internal and external penetration tests to ensure our systems are hardened. We constantly investigate and review newer and evolving technologies and software. We share with other honorable and secure banks, financial associations, and security firms to stay abreast and, whenever possible, in front of what is new in the banking security sector.

Keeping Clients Informed Is Key.

A crucial part of our resilient strategy is our Quarterly Cybersecurity Report. The second Quarter Cybersecurity Report is out and has been emailed to you. If you did not receive it or have a friend or colleague you would like us to send it to, please contact us. The security of our cherished client accounts is of paramount importance.

Of particular note, this 2nd Quarter Cybersecurity report covers Multi-Factor Authentication (MFA) bombing.

You are undoubtedly already using Multi-Factor Authentication to access accounts in many instances. Most likely, you are unaware of the attacks attempting to penetrate them.

Criminals often phish by posing as real businesses. They approach people via text messages, email, or advertising. Their messages usually look legitimate, just like the company you are used to dealing with: the correct logos, colors, and layouts, and even the headers and footers look right. Be on guard. Check the source of every unsolicited contact. Make sure links point to the company's real domain, not a look-alike address, and look at the sender of any text message. If you do not recognize the sender, do not engage. Remember, attackers use urgency, confusion, and misinformation to get you to hand over passwords, codes, and other account details.

MFA Prompt Bombing Example

Below, please look at this real-life example of “MFA prompt bombing”:

This tactic takes advantage of the push notification feature in modern authentication apps. After obtaining a password, attackers attempt to log in over and over again; each attempt sends a new MFA push prompt to the legitimate user's device. They rely on the legitimate user either to mistake one of the prompts for a genuine login and accept it, or to become so frustrated with the continuous prompts that they accept one just to stop the notifications. A single tap on "Approve" is all the attacker needs. This technique, known as MFA prompt bombing (or MFA fatigue), poses a significant threat.

In a notable 2022 incident, an attacker that Uber attributed to the Lapsus$ group obtained an Uber contractor's login credentials (Uber said the password was most likely bought on the dark web after malware infected the contractor's personal device). The attacker then repeatedly tried to log in from a machine they controlled, triggering a stream of MFA push approval requests to the contractor's phone. After the contractor declined the initial requests, the attacker contacted the contractor directly, posing as a member of Uber's IT team, and persuaded them to accept one of the push notifications.
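The pattern described above, many push challenges to one user in a short window followed by an approval, is visible in an identity provider's authentication log and can be alerted on. The following is an added example written for this article, not code from Lexicon Bank or its report. The log format and all sample events are constructed for the example; the four event names (push.sent, push.denied, push.timeout, push.approved) are assumptions you would map onto your own IdP's real event types.

```python
"""Detect MFA prompt bombing (push fatigue) in authentication logs.

Added example, not code from Lexicon Bank. Log format and events are
constructed; map your identity provider's real push events onto the
four names used here before running it against live data.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)   # sliding window per user
THRESHOLD = 5                    # push challenges in the window before alerting

# Constructed sample log, one event per line:
# "<ISO timestamp> <user> <event> <source ip of the login attempt>"
# alice: one normal login. bob: six challenges in five minutes, five of
# them denied or timed out, then one approved (the attacker gets in).
SAMPLE_LOG = """\
2024-05-07T09:00:01Z alice push.sent 203.0.113.7
2024-05-07T09:00:05Z alice push.approved 203.0.113.7
2024-05-07T09:14:00Z bob push.sent 198.51.100.9
2024-05-07T09:14:40Z bob push.denied 198.51.100.9
2024-05-07T09:15:10Z bob push.sent 198.51.100.9
2024-05-07T09:15:50Z bob push.timeout 198.51.100.9
2024-05-07T09:16:02Z bob push.sent 198.51.100.9
2024-05-07T09:16:30Z bob push.denied 198.51.100.9
2024-05-07T09:17:00Z bob push.sent 198.51.100.9
2024-05-07T09:17:45Z bob push.timeout 198.51.100.9
2024-05-07T09:18:10Z bob push.sent 198.51.100.9
2024-05-07T09:18:30Z bob push.denied 198.51.100.9
2024-05-07T09:19:05Z bob push.sent 198.51.100.9
2024-05-07T09:19:20Z bob push.approved 198.51.100.9
"""


def parse_line(line):
    """Split one constructed log line into (timestamp, user, event, ip)."""
    ts, user, event, ip = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, event, ip


def detect_prompt_bombing(lines, window=WINDOW, threshold=THRESHOLD):
    """Return alerts for users who receive >= threshold push challenges
    inside `window`. Two rules fire:
      mfa_fatigue_in_progress  - the burst itself, once per burst
      mfa_fatigue_success      - an approval arriving after such a burst,
                                 which is the attacker getting in
    Denied/timed-out events need no state of their own: each one was
    preceded by its own push.sent, which is what we count."""
    alerts = []
    sent = defaultdict(deque)   # user -> (ts, ip) of push.sent still in window
    warned = set()              # users already flagged for the current burst
    for line in lines:
        if not line.strip():
            continue
        ts, user, event, ip = parse_line(line)
        dq = sent[user]
        while dq and ts - dq[0][0] > window:   # drop challenges outside window
            dq.popleft()
        if not dq:
            warned.discard(user)                # burst expired, allow re-alert
        if event == "push.sent":
            dq.append((ts, ip))
            if len(dq) >= threshold and user not in warned:
                warned.add(user)
                alerts.append({"rule": "mfa_fatigue_in_progress", "user": user,
                               "at": ts, "challenges": len(dq),
                               "source_ips": sorted({p for _, p in dq})})
        elif event == "push.approved":
            if len(dq) >= threshold:
                alerts.append({"rule": "mfa_fatigue_success", "user": user,
                               "at": ts, "challenges": len(dq),
                               "source_ips": sorted({p for _, p in dq})})
            dq.clear()                          # approval ends the burst
            warned.discard(user)
    return alerts


if __name__ == "__main__":
    for alert in detect_prompt_bombing(SAMPLE_LOG.splitlines()):
        print(alert)
```

Run against the sample, alice produces nothing while bob produces an "in progress" alert at the fifth challenge and a "success" alert when the sixth is approved. The success alert is the one to page on: by then the attacker has a session, and the response is to revoke that user's sessions and reset the password, not just to notify the user. Tune THRESHOLD and WINDOW to your own baseline; a single user rarely triggers more than two or three pushes in ten minutes legitimately.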

What can you do to try to keep this from happening to you?

  1. Whenever possible, use an authenticator app rather than codes sent by text message. If the app supports number matching (the login screen shows a number that you must type into the app), turn it on: an attacker who triggered the prompt cannot see that number, so blindly tapping "Approve" no longer lets them in. Hardware security keys (FIDO2/WebAuthn) go a step further, since there is no prompt to bomb.

  2. If you have multiple accounts in the same authenticator app, label each one so you can tell which account a request is coming from.

  3. If you receive MFA requests that you did not initiate, deny them, never approve a prompt you did not trigger yourself, and change the password for that account right away. An unexpected prompt almost always means someone already has your password and MFA is the only thing keeping them out. Report the prompts to the account provider (for Lexicon Bank accounts, to us) so the login attempts can be investigated.

Stay Alert to Unusual Patterns.

As you can see above, criminals use our natural human tendencies against us. A key to thwarting their activities is to stay alert to unusual patterns of contacting you or requesting information. The human strength of “pattern detection” is armor. But be aware that our “familiarity with patterns” can be dangerous, such as when we mindlessly click on a new incoming email from a familiar business name.

All of us at Lexicon Bank are happy to help you.

When you have questions or doubts about a contact from Lexicon Bank, always contact us. We are all committed to providing high-quality, personalized service and ensuring that our clients are protected. Your safety and success are our top priority.
