Abnormal Releases

Learn about recent enhancements to Abnormal's behavioral AI security platform.
January 19, 2023
Account Takeover

MFA Bypass Detection in Abnormal Account Takeover Protection

While properly configured multi-factor authentication (MFA) stops the majority of authentication/authorization attacks, simple misconfigurations or user missteps can lead to catastrophe. Attackers are exploiting these gaps to commandeer user accounts.

To combat this, Abnormal has enhanced its Account Takeover Protection add-on, analyzing thousands of signals to detect the hallmarks of an MFA Bypass attack, whether the attack takes the form of:

  • Phishing-initiated MFA Bypass;
  • Weakening MFA Authentication;
  • Exploitation of Authorized MFA Exception; or
  • Session Reuse/Hijacking

As with all detection types in Account Takeover Protection, an Abnormal Case will then immediately be opened when MFA Bypass is detected, so threats can be identified, investigated, and quickly remediated.