Phishing attacks have spiked in 2020, with cybercriminals taking advantage of user fatigue – especially when it comes to alerts such as Multi-Factor Authentication.
These attacks use harvested credentials and push MFA alerts to unsuspecting users. Even if they’re not actively signing into an account, many users automatically approve these MFA requests.
Always double-check before approving any sign-in, and be sure to run strange login requests by your IT department.