Two-factor or multi-factor authentication is a great tool to help fight back against cyber criminals and keep your data safe. We always recommend setting up multi-factor authentication on devices and applications wherever possible because it makes it a lot harder for someone to gain access to your accounts. However, cyber criminals are always on the lookout for new ways to trick unsuspecting victims to get passed additional security measures.
Normally with multi-factor authentication you would have your regular login credentials like an email and password as well as an authenticator app or a device such as your phone where you would receive an additional login approval request. But one of the latest tactics these criminals are employing is to call up their target and ask them to approve the authentication request that comes up on their device.
It may seem obvious that you should not approve this request but these criminals can be very convincing and pressure you into feeling like it is urgent and that you need to act immediately. They may pretend to be from your company such as someone in your IT team or in a position of authority. We’re also much more likely to be protective of numbers like a pin but less likely to be concerned about clicking a button that says “Approve” which is why this scam has been working for these criminals. It’s important to remember that approving something you’re not sure about can be just as serious as sharing a pin.
The best thing to do is be aware of this new tactic and know that you shouldn’t ever approve an authentication request from someone who has called you out of the blue. It is always best to wait and check with someone in person or call a trusted number such as your IT Helpdesk to find out if the request is legitimate.
Read more about our Cyber Security Services
Head over to our Cyber Security Resource page to view some of our Top Tips in Infographics
Find out more about what you should do if you get a scam call