Microsoft is taking new measures to prevent spam. To stop spam attacks, they have introduced a new feature in the multi-factor authentication (MFA) app Microsoft Authenticator. According to a report, Microsoft has introduced ‘number matching’ in push notifications. This multi-factor authentication will help prevent attacks relying on push notification spam.
This multi-factor authentication performs ‘number matching’ when approving requests. The authenticator app then asks the user to ‘enter’ the number shown on the sign-on screen rather than just selecting ‘approve’. This will be very useful for admins who are not prepared for multi-factor authentication attacks.
This feature is currently only available for admins. However, Microsoft claims that by February 2023, all authenticator users will be able to default to this ‘number matching’.
To avoid unintended authorization, admins can set up to use application context and location context. Once the new feature defaults to the authenticator app, admin rollout control will be changed.
Cyber attacks are on the rise. As technology improves, so does the activity of criminals. Microsoft has also seen signs of such aggression. Earlier this year, security researchers discovered an ‘MFA’ attack targeting Office 365 users. As a result, the authorities are shaken.
Reportedly, in this attack, fraudsters generate continuous MFA push alerts when attempting to log into a victim’s account using a password.
Apart from this, Microsoft is also taking another approach. Earlier this year in January 2022, Microsoft launched the HoloLens 2. It was launched as a successor to the Origin HoloLens. The device has sensors to track the brain and eyes and allows users to connect to holograms.