MFA (Multi-Factor Authentication) is an added step to the login process that helps protect your account. Sometimes this process is a one-time code sent to your phone, a code shown in your application to enter, the pop-up alert in your application to approve, or a robocall to your phone asking you to approve a login.
This extra step keeps attackers out of your account because they can’t get this code directly in most cases. However, as they commonly do, attackers have devised several schemes to get around this. Sometimes, they send a login request hoping the end-user will click “Approve,” thinking they might have triggered the message somehow. Sometimes they will call you pretending to be “Microsoft” or “Apple” and ask you to read them the code because of a problem with your account. Caller ID is frequently faked. In any of these scenarios, it’s important to remember that this verification code is just like a password – it should never be disclosed to anyone except the website requesting it!
As with your password, if there is a legitimate need for an IT Support person to have this information, they have ways to work around or reset this information. You should never need to provide either. Always report any suspicious cyber activity to your IT department. They can assist in verifying anything suspicious. Your report may also prevent others from being attacked.
As a reminder:
Report any suspicious verification attempts to your IT department.
CBTS | Hawaiian Telcom has been helping many customers improve their cyber security posture. Solutions like Email Security, Endpoint Protection, or even Managed IT, can greatly lessen the risk of a cyber attack. If you would like to chat more about securing your business please call us at 808-777-6027 or visit our website for more information.