High riskSocial Media Scams

MFA Fatigue Scam

In this scam, an attacker who has your password repeatedly triggers multi-factor approval prompts or codes, hoping you approve one out of annoyance or confusion, granting them access to your account.

Quick verdict

Risk level
High risk
Scam type
Account takeover (push bombing)
Main red flag
Repeated, unexpected login approval prompts or verification codes you did not request.
What to do first
Deny all prompts, do not approve, and change your password immediately.

What this scam usually looks like

In this scam, an attacker who has your password repeatedly triggers multi-factor approval prompts or codes, hoping you approve one out of annoyance or confusion, granting them access to your account.

Example message pattern

Example pattern — not a real report
Example pattern: Your phone gets a stream of 'Approve sign-in?' prompts or codes you did not request, sometimes with a message urging you to 'just approve it'.

This is a fictional, anonymised example used to illustrate the pattern. It is not a verified real message, and any names are used only to show how the scam typically reads.

Red flags to watch for

  • Repeated approval prompts or codes you did not trigger
  • A message urging you to approve to 'stop the prompts'
  • A call or text claiming to be support asking you to approve
  • Prompts at odd hours
  • Pressure and confusion

What to do

  • Deny all approval prompts you did not initiate
  • Change your password immediately from a trusted device
  • Switch to phishing-resistant MFA or number matching where available
  • Report the attempts to the service and your IT team

If you already clicked or replied

  • If you approved a prompt, change your password and sign out all sessions immediately
  • Re-enable and review MFA settings and devices
  • Check the account for unauthorised changes
  • Report the takeover to the service

What not to do

  • Do not approve prompts to make them stop
  • Do not approve at a caller's request
  • Do not ignore repeated unexpected prompts

Similar scams

Frequently asked questions

Why am I getting these prompts?
An attacker likely has your password and is spamming approval requests, hoping you approve one. Deny them all and change your password immediately.
Support told me to approve to stop them. Should I?
No. Genuine support never asks you to approve a sign-in prompt. Approving grants the attacker access. Deny and report it.
I approved one. What now?
Change your password and sign out all sessions immediately, review MFA settings and devices, check for changes, and report the takeover.
How do I prevent this?
Use phishing-resistant MFA or number-matching, keep passwords unique and strong, and never approve prompts you did not start.

Last reviewed: June 2026

Disclaimer: This page provides educational information only to help you recognise common scam patterns. It is not legal, financial, cybersecurity, or law enforcement advice, and it does not confirm whether any specific message, company, or person is genuine or fraudulent. When in doubt, contact the official organisation directly and report concerns to your local authorities.