What is a fraudulent Multi-Factor Authentication request?

A fraudulent Multi-Factor Authentication or MFA request is one you receive that was initiated by someone else trying to sign in as you. Only approve MFA requests you initiate yourself, knowingly and intentionally.

Examples

• You’re away from work and your smartphone suddenly displays a Multi-Factor Authentication notification. It comes as a surprise and may be fraudulent because you're not signing in to any systems.
• You’re in your office when you receive an unexpected Multi-Factor Authentication call to approve a request to sign in. The call is a surprise and may be fraudulent because you were not signing in to any systems.

What should I do if I receive an unexpected Multi-Factor Authentication request?

Do not approve a Multi-Factor Authentication request you did not initiate yourself. An unexpected Multi-Factor Authentication request may be a fraudulent, unauthorized attempt to sign in as you and should be reported to abuse@wsu.edu immediately.