Beware of “Prompt bombing” – multiple pings trying to trick you
A form of social engineering known as “prompt bombing” (also called MFA fatigue) uses repeated pop-up prompts to catch distracted users off guard and get them to bypass multi-factor authentication. Often the prompts appear to come from imposters posing as your IT staff, other staff or your provider's security staff. The scam “bombs” the user with repeated pop-up notifications that require you to pick an option or enter your login credentials in order to close them. The prompts keep coming, often after work hours, to annoy you enough that you pick an option just to make them stop.
The criminal can then take over your email and send out hundreds of malicious emails using your official email address. Repeated, unexpected pop-ups that ask for credentials are a red flag of potential prompt bombing.
ACTION STEPS:
- Do not fall for this trick and do not click on any links in the pop-up. Clicking gives the scammer access to your email or even your entire Office 365 account.
- Remember to PVR: Pause, Verify, Report anything that looks suspicious.
- Ignore any prompt, pop-up message or text that asks you to enter login credentials if you have not initiated a password reset. You can take a screen capture of the prompts, close the application and report to your IT staff immediately.
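The red flag described above (a burst of MFA prompts, often after hours, that a user eventually approves) can also be spotted by IT staff in authentication logs. The following is an added example and not code from the original notice; the log format, field names, working hours and thresholds are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of MFA push-prompt events, one per line:
# "<ISO timestamp>,<user>,<result>". This is NOT a real product's log format.
SAMPLE_LOG = """\
2024-03-04T09:12:05,alice,approved
2024-03-04T21:03:10,bob,denied
2024-03-04T21:03:52,bob,timeout
2024-03-04T21:04:30,bob,denied
2024-03-04T21:05:11,bob,timeout
2024-03-04T21:06:20,bob,approved
2024-03-04T10:30:00,carol,approved
2024-03-04T10:31:00,carol,denied
"""

WORK_START, WORK_END = 8, 18  # assumed working hours (24h clock)


def parse_log(text):
    """Parse the constructed log into sorted (timestamp, user, result) tuples."""
    events = []
    for line in text.strip().splitlines():
        ts, user, result = line.split(",")
        events.append((datetime.fromisoformat(ts), user, result))
    return sorted(events)


def find_prompt_bombing(text, threshold=4, window_minutes=10):
    """Return {user: (prompt_count, after_hours, gave_in)} for every user who
    received at least `threshold` MFA prompts inside a `window_minutes` window.
    `after_hours` is True if any prompt fell outside working hours; `gave_in`
    is True if the burst ended with an approval (the attacker likely got in)."""
    per_user = defaultdict(list)
    for ts, user, result in parse_log(text):
        per_user[user].append((ts, result))
    window = timedelta(minutes=window_minutes)
    hits = {}
    for user, events in per_user.items():
        for i, (start, _) in enumerate(events):
            run = [(t, r) for t, r in events[i:] if t - start <= window]
            if len(run) < threshold:
                continue
            after_hours = any(not (WORK_START <= t.hour < WORK_END) for t, _ in run)
            gave_in = run[-1][1] == "approved"
            hits[user] = (len(run), after_hours, gave_in)
            break  # one finding per user is enough for an alert
    return hits
```

In the sample, only bob trips the default threshold: five prompts in three minutes, after hours, ending in an approval, which is exactly the pattern that warrants a call to the user and a credential reset.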
See our CTR Cyber page for cybersecurity internal controls. Departments should contact [email protected] with any incidents or suspected incidents of fraud or cyber threats or if you need support from our Statewide Risk Management Team.