You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Verifying the identity of a user that contacts the support team (phone / chat)
Verifying the identity of a user logging in / performing step-up authentication on a system
Malicious actors very commonly get in touch with an end-user under the guise of being a legitimate support team member and ask the end-user to provide the OTP code that they just sent. Appending the following text will serve as a mitigation to users falling for this attack vector:
"ExampleCo staff will ask for this code"
"ExampleCo staff will NOT ask for this code"
The text was updated successfully, but these errors were encountered:
OTP codes have two common use cases:
Malicious actors very commonly get in touch with an end-user under the guise of being a legitimate support team member and ask the end-user to provide the OTP code that they just sent. Appending the following text will serve as a mitigation to users falling for this attack vector:
The text was updated successfully, but these errors were encountered: