Cybercriminals are using social engineering and other technical techniques to circumvent multifactor authentication security protections. The FBI is urging organizations to use more sophisticated techniques, such as biometrics or behavioral authentication methods, which include geolocation data or an IP address, to help verify a user’s identity even through these are much more inconvenient for customers or employees. A recent study by security firm LastPass found that nearly 57 percent of businesses worldwide use multifactor authenticating an individual’s identity. An FBI spokesperson could not be reached for comment.”]
Source: https://www.govinfosecurity.com/fbi-cybercriminals-are-bypassing-multifactor-authentication-a-13226