INCOMING!  

We’re being bombed and our accounts are the targets!   

Multi-Factor Authentication (MFA) Bombing has become a popular tactic that scammers employ when trying to gain access to your account. By bombarding you with frequent requests, the scammer hopes to get you to authenticate for them using a few different methods. Some common ways they do this include:  

• Lots of MFA requests coming one after another 

• A few MFA requests each day for an extended period of time 
• A person who calls you posing as a figure from a reputable institution and requests your MFA authentication as part of a company process 

All unsolicited MFA prompts, calls, texts, and emails should always be handled carefully to ensure no one is accessing your personal information. If you have been MFA bombed, turn off your notifications to whichever authentication method you use, change your password as soon as possible, and get help at the UWM Help Desk. 

Think you’ve been MFA bombed in the past? Contact the UWM Help Desk.