Multi-Factor Authentication Phishing Scams

As more organizations implement multi-factor authentication (MFA), scammers try new methods to access user accounts and steal information. A bad actor may try to fool others by emailing a fake QR code that claims to be part of a multi-factor authentication setup. Below is an example that includes signs to look for when identifying a scam.

*Note: It's very rare for Microsoft to email MFA information. Typically, changes to MFA are handled through a Microsoft online portal. They will not send QR codes with links either. Treat any MFA-related messages claiming to be from Microsoft with skepticism.

MFA Scam E-Mail Example

1. Bizarre Email Address: The email address here is unfamiliar and not from a microsoft.com address or even a framingham.edu address.
2. Date/Time Layout: While not necessarily an immediate red flag, non-standard date and time formatting is sometimes a clue that a message isn't legitimate.
3. Odd-looking Logos: Scammers may pull logos from websites or other public locations. Their formatting may be off or the image might look distorted.
4. Sense of Urgency: Bad actors often use a "ticking clock" to pressure people into making snap decisions, rather than giving them time to think critically about the situation.
5. Out-of-Place Language: Phishing messages often contain language that attempts to mimic official communication. On closer inspection, however, the wording reads as strange and out of place. Specifically for any MFA message, the copyright or claim of ownership should be from Microsoft.

If you've received a message like this and are unsure about it, please check with the IT department before interacting with it. Do not scan unfamiliar or unexpected QR codes, especially into an MFA application that you use.

Details

Article ID: 154594
Created: Thu 9/28/23 11:57 AM
Modified: Thu 9/28/23 3:47 PM