Turn on MFA Before Crooks Do It For You

2020-06-19 19:19

People who don't take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control.

Dennis soon learned the unauthorized Gmail address added to his son's hacked Xbox account also had enabled MFA. Meaning, his son would be unable to reset the account's password without approval from the person in control of the Gmail account.

Microsoft support sent Dayman and his son a list of 20 questions to answer about their account, such as the serial number on the Xbox console originally tied to the account when it was created.

Dayman's case was eventually escalated to Tier 3 Support at Microsoft, which was able to walk him through creating a new Microsoft account, enabling MFA on it, and then migrating his son's Xbox profile over to the new account.

"Users are also prompted shortly after account creation to add additional security information if they have not yet done so, which enables the customer to receive security alerts and security promotions when they login to their account," the company said in a written statement.

News URL

https://krebsonsecurity.com/2020/06/turn-on-mfa-before-crooks-do-it-for-you/

#MFA