Turn on fraud alerts in O365 MFA - An Additional security step | SansSQL

Friday, June 15, 2018

Turn on fraud alerts in O365 MFA - An Additional security step

Multi-Factor Authentication (MFA) is a great feature for securing access to Enterprise applications but when a user receives a multi-factor authentication request when they aren’t expecting it, what they do? They can ignore the call or answer and hang up without pressing # to deny access to the person attempting to use their credentials.

This new feature "Fraud Alert" adds more value to the security by taking it to the next step by allowing the user to be more proactive about attempted attacks. They can answer the phone and enter their configured fraud alert code to report the attempted access. Not only it will deny the authentication taking place, but will block the user’s account so that additional authentication attempts are automatically denied without continuing to bother the user. It can also send an email notification to any configured email addresses so that they can take action, investigate, and change the user’s password. Once they have taken appropriate action, they can unblock the user’s account in the MFA Management Portal.

Turn on fraud alerts

  • Sign in to the Azure portal as an administrator.
  • Browse to Azure Active Directory > MFA Server > Fraud alert
  • Set the Allow users to submit fraud alerts setting to On
  • Select Save

Configuration options

Block user when fraud is reported: If a user reports fraud, their account is blocked for 90 days or until an administrator unblocks their account. An administrator can review sign-ins by using the sign-in report, and take appropriate action to prevent future fraud. An administrator can then unblock the user's account.

Code to report fraud during initial greeting: When users receive a phone call to perform two-step verification, they normally press # to confirm their sign-in. To report fraud, the user enters a code before pressing #. This code is 0 by default, but you can customize it

Note: The default voice greetings from Microsoft instruct users to press 0# to submit a fraud alert. If you want to use a code other than 0, record and upload your own custom voice greetings with appropriate instructions for your users.

View fraud reports
  • Sign in to the Azure portal
  • Select Azure Active Directory > Sign-ins. The fraud report is now part of the standard Azure AD Sign-ins report

4 comments:

kanchipuram silk sarees said...


After going over a handful of the articles on your web page, I truly appreciate your
technique of writing a blog. I added it to my bookmark site
list and will be checking back in the near future. Please visit my website too and tell
me your opinion.


kanchipuram sarees

Apsara G said...

It’s Good to share good things, Explained well... RPA Training in Chennai | Blue Prism Training in Chennai

Susmitha said...

Very nice information. I really want to appreciate you. Keep sharing like this.
Best Selenium Training Institute In Hyderabad | Online Selenium Training

Ali Khan said...

Thus, while you use the internet, you need to maintain balance and ensure security by controlling the real Internet security threats 먹튀검증

Post a Comment