
5 Tips to Reduce Push-Bombing in Your Organization

Cloud account takeover has become a major problem for organizations. Between 2019 and 2021, account takeover (ATO) rose by 307%. Many organizations use multi-factor authentication (MFA) as a way to stop fraudulent sign-ins. But its effectiveness has spurred workarounds by hackers. One of these is push-bombing.

How Does Push-Bombing Work?

When a user enables MFA on an account, they typically receive a code or authorization prompt of some type. The user enters their login credentials.

Then the system sends an authorization request to the user to complete their login. With push-bombing, hackers start with the user’s credentials and take advantage of that push notification process. They attempt to log in many times.

This sends the legitimate user several push notifications, one after the other. When someone is bombarded with these, it can be easy to mistakenly click to approve access.

Push-bombing is a form of social engineering attack designed to:
Confuse the user
Wear the user down
Trick the user into approving the MFA request to give the hacker access
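
The pattern described above can be detected in MFA logs. The following is an added example, not code from the original article: it flags a user who receives a burst of push prompts in a short window and escalates when an approval lands during that burst. The event format, the 10-minute window, the threshold of 5 prompts and the sample log are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample MFA push log: (ISO timestamp, user, outcome). Not real data.
SAMPLE_EVENTS = [
    ("2024-01-10T09:00:05", "alice", "approved"),   # ordinary single login
    ("2024-01-10T02:14:00", "bob", "denied"),       # burst starts
    ("2024-01-10T02:14:40", "bob", "denied"),
    ("2024-01-10T02:15:10", "bob", "timeout"),
    ("2024-01-10T02:16:02", "bob", "denied"),
    ("2024-01-10T02:16:30", "bob", "timeout"),
    ("2024-01-10T02:17:05", "bob", "approved"),     # user gives in
    ("2024-01-10T14:00:00", "carol", "denied"),
    ("2024-01-10T14:02:00", "carol", "denied"),
    ("2024-01-10T14:04:00", "carol", "denied"),
    ("2024-01-10T14:06:00", "carol", "denied"),
    ("2024-01-10T14:08:00", "carol", "denied"),     # burst, never approved
    ("2024-01-10T08:00:00", "dave", "approved"),    # spread over the day
    ("2024-01-10T12:30:00", "dave", "approved"),
    ("2024-01-10T17:45:00", "dave", "denied"),
]

WINDOW = timedelta(minutes=10)  # assumed look-back window
THRESHOLD = 5                   # assumed prompt count that counts as a burst


def detect_push_bombing(events, window=WINDOW, threshold=THRESHOLD):
    """Return {user: severity} for users with `threshold` or more push
    prompts inside `window`. Severity is "approved_after_burst" when an
    approval arrives on top of a run of rejected or unanswered prompts,
    otherwise "burst"."""
    recent = defaultdict(deque)  # user -> (timestamp, outcome) inside window
    alerts = {}
    for ts_text, user, outcome in sorted(events):
        ts = datetime.fromisoformat(ts_text)
        prompts = recent[user]
        prompts.append((ts, outcome))
        # Drop prompts that have aged out of the sliding window.
        while ts - prompts[0][0] > window:
            prompts.popleft()
        if len(prompts) >= threshold:
            rejected = sum(1 for _, o in prompts if o != "approved")
            if outcome == "approved" and rejected >= threshold - 1:
                alerts[user] = "approved_after_burst"  # likely compromise
            else:
                alerts.setdefault(user, "burst")       # attack in progress
    return alerts
```

An "approved_after_burst" result is the case to act on first, since it means the sign-in the prompts were guarding has gone through.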

Ways to Combat Push-Bombing at Your Organization

Educate employees
Reduce business app “sprawl”
Adopt phishing-resistant MFA solutions
Enforce strong password policies
Put in place an advanced identity management solution

Additionally, businesses can use identity management solutions to put contextual login policies in place. Need help with tightening up security or resources for your staff? Give us a call today and one of our experts will walk you through the process.