MFA Phishy is the Answer

At a time when nearly 84% of companies have experienced an identity-related breach, it’s more important than ever to know for certain where your weak points are – not to punish team members but, instead, to train them through repeated, random testing. MFA Phishy can help you permanently change your company’s behaviors and enable you to quantify the improvements over time. MFA Phishy currently supports Symantec VIP running on Azure AD, with future support coming for SMS.

How MFA Phishy works

MFA Phishy integrates with Symantec VIP when Symantec VIP is used with Microsoft Azure Active Directory. The tool gives administrators the ability to send bogus authentication requests to team members individually or to the entire organization. The security team can monitor the results in real time, view the performance of users over time, and export a CSV report from a given time period.

The user can either deny the MFA request or take no action at all. A user fails their phishing test only if they approve the malicious request. Retest as many people as many times as you’d like. If you’re like most companies we work with, you’ll soon see the failure rate trending toward zero and new employees catching on quickly.