Find log events of interest
The following log event types are relevant when investigating an MFA attack. They are found in the Auth0 tenant logs.Mitigation strategies
The following are example responses to attacks against MFA:- Migrate to stronger MFA options by replacing SMS/voice-based MFA with OTP or Webauthn to mitigate SMS pumping or toll fraud attacks.
- Enhance SMS/Voice Provider Security by implementing fraud protection like Twilio’s Preventing Fraud in Verify when using SMS/voice MFA.
- Avoid MFA fatigue by enforcing push notification rate limits.