What We Do
Managed Services

Managed IT Support

Managed Cloud

Managed Cybersecurity
Professional Services

Consulting & Advisory

Transitions & Transformations

Application Development

Teams Phone & Teams Rooms

Network Cabling

SharePoint Development Services

Cloud Migrations

Cloud Integrations
Modern Work

Modern Work Program

Hybrid Teamwork & Collaboration

Data Analytics & Data Science

Accessibility

Business Process Automation
Artificial Intelligence (AI)

AI Accelerator

Copilot Factory
Who We Help
Large or small, we have a solution to fit your organization

At Clear Concepts, we are passionate IT professionals who want to make a positive impact on your business operation. We understand the value of Information Technology and how it can deliver a return on investment for your organization. We serve a wide variety of business networks, with a focus on businesses between 10 and 500 employees. If you are looking to take your business to the next level, we are the team you need!

The following vertical markets are examples of how we can make an impact but we also serve other business types not featured on our website. From Manufacturing to Retail, Banking to Real Estate, we have the knowledge and expertise to help you succeed. Contact us today to find out how we can help you reach your goals!
Industries

Social Services

Healthcare

Commercial Businesses

Education

Municipal Government

Remote Communities

Nonprofits
Resources
Insights Blog

Getting To Know Microsoft Copilot

Innovate For Impact

How To Get Started With AI: Productivity
More Resources

Insights Blog

Videos & Podcasts

Upcoming Events
About
- Who We Are
- The Team
- Partners
- Awards
Affiliation:
Getting to know us

Who We Are

The Team

Partners

Awards
Careers
Working at Clear Concepts
Employment Benefits
Career Opportunities
Contact Us
Launch Client App

What is an MFA Bombing Attack and How to Avoid Being Compromised

Nino Vales 2022-09-23

2021-08-17

Here is How to Avoid Tech Support Scams Currently on the Rise

2021-04-19

Adopting MFA Series Part 1: What is MFA?

2021-04-19

Adopting MFA Series Part 3: Implementing MFA in Microsoft 365

Know more about the MFA bombing tactic

Many of us already know the importance of having Multi-Factor Authentication or MFA. Enabling MFA gives many users peace of mind against stolen credentials.

MFA is becoming a standard across many organizations. Over the years, it has spawned different forms based on user or organization preference.

A popular MFA form is the push notification using a mobile authenticator app.

This method added convenience when authenticating to an application. Users only need to tap the MFA notification on their mobile phones to complete or deny the login.

Push notification is probably one of the most convenient but is also one of the weaker forms of MFA.

What is MFA bombing?

MFA bombing is a tactic where the threat actors can send multiple MFA notifications to the target mobile device. This happens if they already gained the password but is still prohibited unless MFA allows the login.

There is a good chance that the victim can get confused about the unexpected notifications and accidentally tap approve, effectively granting access to the threat actors.

What is a better method?

Indeed, adding MFA adds an extra step for everyone. It takes some time to get used to it.

Push notification tap to approve has become one of the popular choices since it is faster and more convenient than the other forms of MFA.

But now, there is another convenient method called number matching MFA as seen in this image:

Number-Matching-MFA-- Number-Matching-MFA---

The authenticator app will require the user to match the number displayed on the login screen with their mobile authenticator app. The numbers displayed on the screen and the mobile authenticator app must match before granting access.

Reminder

If anyone experienced the MFA bombing tactic or received an unexpected prompt from their authenticator app, please report it to your IT department as soon as possible.

Also, consider switching to number matching or token-based methods if you still use push notification MFA.

Contact Clear Concepts if you need assistance with implementing Number Matching or Token-Based MFA methods.

Cyber security

2021-08-17

Here is How to Avoid Tech Support Scams Currently on the Rise

2021-04-19

Adopting MFA Series Part 1: What is MFA?

2021-04-19

Adopting MFA Series Part 3: Implementing MFA in Microsoft 365

Demystifying SharePoint Migrations

Exchange Online Data Loss Prevention in Microsoft 365 Business Premium