What is a fraudulent MFA request?

A fraudulent MFA request is one you receive that was initiated by someone else trying to sign in as you. Only approve MFA requests you initiate yourself, knowingly and intentionally.

 

Examples

  • You’re away from work and your smartphone suddenly displays an MFA notification. It comes as a surprise and may be fraudulent because you're not signing in to any systems.
  • You’re in your office when you receive an unexpected MFA call to approve a request to sign in. The call is a surprise and may be fraudulent because you were not signing in to any systems.

 

What should I do if I receive an unexpected MFA request?

Do not approve an MFA request you did not initiate yourself. An unexpected MFA request may be a fraudulent, unauthorized attempt to sign in as you and should be reported to abuse@wsu.edu immediately.