.png)
German (DE) 
English (US) 
Spanish (ES) 
French (FR) 
Hindi (IN) 
Italian (IT) 
Russian (RU) 
13 hours ago
2
Recognizing the rising prevalence of phishing scams — where a bad actor will seek to trick a target into revealing sensitive personal or financial information through fake websites, emails or text messages — the Federal Housing Administration (FHA) has announced it is implementing anti-phishing multifactor authentication (MFA) into FHA Catalyst (FHAC).
FHAC provides FHA-approved lenders and business partners with secure online access to computer systems at the U.S. Department of Housing and Urban Development (HUD).
Multifactor authentication is a type of cybersecurity mechanism for online accounts and services. It requires an initial credential, like a conventional password, but also requires a second, individualized factor such as a text sent to the user’s mobile phone, or a specialized authenticator mobile app with time-sensitive codes.
Accounts with MFA are generally far more difficult to compromise than those operating with only one authentication factor. Phishing scams are also commonplace in the modern digital ecosystem, but while some phishing attempts are easy to spot by users and software vendors like email providers, others are more sophisticated.
“Phishing scams are cybercrimes which are intended to gain access to online accounts or install malware to damage or steal data from a computer or network,” FHA said in its informational notice sent out on Thursday.
“It can take many forms, like emails, text messages, phone calls and social media posts. These messages often contain links to bogus websites but are instead designed to steal your personal and/or business information.”
MFA is seen as a key tool to combat such attacks, leading to its greater incorporation into FHAC, the agency said.
“This new phishing-resistant MFA security feature is part of FHA’s ongoing commitment to maintaining secure lender, borrower, and stakeholder data while advancing identity management and access control capabilities,” the notice reads. “This enhancement also helps ensure that login credentials are not shared or exposed to attacks.”
The new MFA functionality is now available to all FHAC users, but it will become mandatory on July 28, the agency explained. It recommends users set up MFA on their accounts as quickly as possible.
“Users who do not implement this new security feature by July 28th will not be able to access FHAC,” the notice reads. “This requirement does not impact users who connect to FHAC through the business-to-government interface.”
Two options for establishing MFA are offered in FHA’s instructions for setup, but the use of the Okta FastPass product is listed as “recommended.”
Comments