chat
expand_more

MFA Bypass Detection in Abnormal Account Takeover Protection

Abnormal now detects MFA Bypass attacks—including phishing, session hijacking, and exception abuse—with enhanced signals in Account Takeover Protection.
January 19, 2023
Enhancement
Account Takeover Protection

While properly configured multi-factor authentication (MFA) stops the majority of authentication/authorization attacks, simple misconfigurations or user missteps can lead to catastrophe. Attackers are exploiting these gaps to commandeer user accounts.

To combat this, Abnormal has enhanced its Account Takeover Protection add-on, analyzing thousands of signals to detect the hallmarks of an MFA Bypass attack, whether the attack takes the form of:

  • Phishing-initiated MFA Bypass;
  • Weakening MFA Authentication;
  • Exploitation of Authorized MFA Exception; or
  • Session Reuse/Hijacking

As with all detection types in Account Takeover Protection, an Abnormal Case will then immediately be opened when MFA Bypass is detected, so threats can be identified, investigated, and quickly remediated.

Get the Latest Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.