Helping the Territory get on with their IT needs since 2000

8am to 5pm ACST

(08) 8986 7133

blog image

What Is Push-Bombing & How Can You Prevent It?

May 30, 20231 min read

Cloud account takeover has become a major problem for organizations.

Between 2019 and 2021, account takeover (ATO) rose by 307%.

MFA is very effective at protecting cloud accounts and has been for many years.

But it’s that effectiveness that has spurred workarounds by hackers.

One of the nefarious ways to get around MFA is push-bombing.

How Does Push-Bombing Work?

A hacker with a user’s credentials takes advantage of the MFA push notification process.

Hackers attempt to log in many times.

This sends the legitimate user several push notifications, one after the other.

Push-bombing is a form of social engineering attack designed to:

·         Confuse the user

·         Wear the user down

·         Trick the user into approving the MFA request to give the hacker access

Ways to Combat Push-Bombing at Your Organization

·         Educate Employees

·         Reduce Business App “Sprawl”

·         Adopt Phishing-Resistant MFA Solutions

·         Enforce Strong Password Policies

·         Put in Place an Advanced Identity Management Solution

Do You Need Help Improving Your Identity & Access Security?

Give us a call today to schedule a chat.

Back to Blog

Portal Technology is one of the longest serving ICT companies in the Territory and have been helping clients with all their ICT requirements since 2000.



Phone: (08) 8986 7133

Address: 107/12 Salonika Street, Paarap, NT 0820


Read our privacy statement HERE

Copyright 2021 All Rights Reserved Powered By: Growably