Cloud account takeover has become a major problem for organisations. Between 2019 and 2021, account takeover rose by 307%. Many organisations use multi-factor authentication to stop fraudulent sign-ins. But its effectiveness has spurred workarounds by hackers. One of these is push-bombing.
When a user enables multi-factor authentication on an account, they typically receive a code or authorisation prompt of some type. The user enters their login credentials. Then the system sends an authorisation request to the user to complete their login.
With push-bombing, hackers start with the user’s credentials and take advantage of that push notification process. They attempt to log in many times. This sends the legitimate user several push notifications, one after the other. When someone is bombarded with these, it can be easy to mistakenly click to approve access.
Push-bombing is a form of social engineering attack designed to:
Additionally, businesses can use identity management solutions to install contextual login policies.
Microminder is the leading strategic IT business partner in the dental sector – we have been proudly supporting the dental community for over three decades.
We pride ourselves on building lasting relationships with our clients where they trust us with their IT strategy, implementation and ongoing support, allowing them to focus on patient care.
Our solutions, IT Support, Managed Services & VoIP Telephony are cost-effective and inspired by the latest technology, underpinned by market-leading technology partners such as Microsoft, Datto and Software of Excellence.
Microminder’s experts are passionate about technology and are always on hand to support and guide you, so please get in touch today:
Call us on 0208 799 6883 or follow us on social media.Back to News