Arctic Wolf Security Bulletin
Arctic Wolf Security Bulletin

Arctic Wolf Observes Organisations Receiving Unsolicited Microsoft MFA Messages

Arctic Wolf has recently observed customers receiving unsolicited Microsoft multi-factor authentication (MFA) text messages.
Arctic Wolf Security Bulletin
6 min read

Arctic Wolf has recently observed customers receiving unsolicited Microsoft multi-factor authentication (MFA) text messages. These messages originate from legitimate Microsoft short code numbers; however, the source and intent have not been confirmed. This issue appears widespread, affecting organisations across multiple industry verticals.  

Example of Text Message

It is currently unclear whether this activity is due to a systemic issue on Microsoft’s side or part of a malicious campaign. At this time, Arctic Wolf has not identified any malicious activity or unauthorised access associated with these unexpected MFA prompts. 

Recommendation 

Avoid Interacting With Unsolicited MFA Authentication Messages

Avoid interacting with any unsolicited MFA requests and report them to your security team. 

Resources

Understand the threat landscape, and how to better defend your organisation, with the 2025 Arctic Wolf Threat Report

See how Arctic Wolf utilises threat intelligence to harden your attack surface and stop threats earlier and faster

Share this post: