Multifactor authentication is a security measure that requires users to provide a second form of verification before they can log into a corporate network. It has long been considered essential for keeping fraudsters out. However, cybercriminals have been discovering increasingly clever ways to bypass it.

During an attack (https://apo-opa.co/4aT1XGc) on Uber’s IT systems in 2022, the hackers did not use any sophisticated tactics to gain access. Instead, they bombarded an employee with repeated login requests until, out of sheer frustration, the employee approved one. This type of cyberattack is known as an “MFA fatigue attack” and poses a real risk to organisations, says Anna Collard, SVP Content Strategy and Evangelist at KnowBe4 AFRICA, a cybersecurity training designer.

“MFA fatigue attacks, also known as prompt spamming or authentication bombing, exploit human vulnerability, rather than relying on high-tech hacking methods,” she explains. “These attacks involve sending continuous push notifications to a target who has already provided their username and password, aiming to irritate or confuse them into unwittingly granting the attacker access to their account or system.”

With Uber, the attacker likely bought the contractor’s Uber corporate username and password on the dark web. The attacker then made repeated attempts to log into the victim’s Uber account. Each time, the victim received a request to approve a two-factor login, which blocked access at first. However, eventually, and after the attacker contacted the contractor on WhatsApp claiming they were from Uber IT and that the only way to get rid of the never ending notifications was to accept one, the contractor accepted one request, allowing the attacker to successfully log in.

Previously, cybersecurity experts believed that Multifactor Authentication (MFA) was a foolproof method to protect corporate IT systems from hackers. “Now we’re seeing attackers finding ways around it by bombarding the victim with scores of MFA requests or by tricking them over the phone,” says Collard. This tactic, similar to a swarm of bees overwhelming someone, is a simple yet effective social engineering technique used by hackers. “By bugging you repeatedly until you give in, malicious actors can manipulate users into approving fraudulent access attempts,” says Collard.

How can you prevent it?

The best way to prevent MFA fatigue attacks in organisations is not to use push notifications. “While MFA provides an extra layer of security, it’s not foolproof,” she asserts. “From a cybersecurity perspective, I would recommend that organisations disable push notifications altogether and rather use alternative verification methods.”

An example of a better verification method is number matching. “This involves matching a unique code provided by the authentication app with the code displayed on the screen during the login process,” explains Collard. 

A challenge-response method is another effective way of providing additional security. This method asks a user a specific question to verify their identity or to perform a task in response to a challenge. “A challenge-response method is more difficult for hackers to bypass. It can involve mechanisms like biometric authentication, in which users must scan their fingerprints or irises or use facial recognition to gain access to a network.” However, both of the above are not immune against so-called man in the middle or social engineering attacks tricking the users to hand over their OTP or response to the fraudster.

Another effective verification method is FIDO2, an open authentication standard that allows users to log in without using passwords. “You can implement FIDO2 using hardware security keys,” she explains. Typically, USB sticks store the user’s private key, while the public key is stored on the authentication server. As soon as the user enters their username and password, the system requests them to use the hardware key. “It is more resistant to phishing as it works on a challenge-response protocol and doesn’t rely on a one-time PIN that can be intercepted,” she adds.

Mindfulness is key

As with all hacking attempts, it’s crucial that users remain calm and mindful, rather than reacting emotionally. “Stay tuned into your body’s responses when dealing with potential cybersecurity threats, whether they are phishing emails or MFA fatigue attacks,” says Collard. “If something feels strange, like if the situation is putting you under undue pressure, listen to that cue and don’t respond in a knee-jerk fashion. In this way, you’ll keep a straight head and thwart potential data breaches.”

Distributed by APO Group on behalf of KnowBe4.

The Fund for Export Development in Africa (“FEDA”), Afreximbank’s impact investment subsidiary (www.Afreximbank.com), has announced its investment into Bloom Africa Holdings Limited (BAHL), a regional financial services platform operating across West Africa.

BAHL holds interests in multiple financial institutions across Gambia, Sierra Leone, and Liberia operating as Bloom Bank Africa. These institutions function as full-service commercial banks and provide a comprehensive range of services to a diverse clientele ranging from retail and corporate customers to SMEs and the public sector. BAHL extends tailored banking services, whilst promoting financial inclusion and trade through innovative outreach programs and accessible products.

FEDA’s investments aim to bolster BAHL’s expansion efforts within the financial services sector. This investment will support BAHL’s growth initiatives, enabling the company to enhance its platform and services across West Africa. Through this partnership, FEDA is contributing to the development and strengthening of the financial services landscape in the region, fostering economic growth and innovation.

Gabriel Edgal, Director of BAHL as well as Group CEO and Chairman of Oakwood Green Africa, an associate company of BAHL commented, “We are delighted with the completion of this transaction which expands the strategic partnership forged with Afreximbank and FEDA in recent years. FEDA’s investment will strengthen our activities in Gambia and our aim to replicate this success in other countries.”

Marlène Ngoyi, CEO of FEDA, commented, “We are pleased to embark on this growth journey with BAHL with the aim of supporting the group’s geographical expansion. The transaction is the culmination of years of strategic partnerships in which BAHL has taken an active role in implementing key Afreximbank initiatives such as the Pan-African Payment and Settlement System (PAPSS) and MANSA (a pan-African customer due diligence repository for financial institutions). The growth of BAHL will go hand in hand with the advancement of these initiatives.”

Distributed by APO Group on behalf of Afreximbank.

Media Contact:
Mr. Vincent Musumba
Manager, Communications and Events (Media Relations)
Email: press@afreximbank.com
Tel: +20 2 24564100 /1/2/3
Mobile: +201030121123

About FEDA:
The Fund for Export Development in Africa (“FEDA”) is the impact investment subsidiary of Afreximbank set up to provide equity, quasi-equity, and debt capital to finance the multi-billion-dollar funding gap (particularly in equity) needed to transform the Trade sector in Africa. FEDA pursues a multi-sector investment strategy along the intra-African trade, value-added export development, and manufacturing value chain which includes financial services, technology, consumer and retail goods, manufacturing, transport&logistics, agribusiness, as well as ancillary trade enabling infrastructure such as industrial parks.

About Afreximbank:
African Export-Import Bank (Afreximbank) is a Pan-African multilateral financial institution mandated to finance and promote intra-and extra-African trade. For 30 years, the Bank has been deploying innovative structures to deliver financing solutions that support the transformation of the structure of Africa’s trade, accelerating industrialization and intra-regional trade, thereby boosting economic expansion in Africa. A stalwart supporter of the African Continental Free Trade Agreement (AfCFTA), Afreximbank has launched a Pan-African Payment and Settlement System (PAPSS) that was adopted by the African Union (AU) as the payment and settlement platform to underpin the implementation of the AfCFTA. Working with the AfCFTA Secretariat and the AU, the Bank is setting up a US$10 billion Adjustment Fund to support countries to effectively participate in the AfCFTA. At the end of December 2023, Afreximbank’s total assets and guarantees stood at over US$37.3 billion, and its shareholder funds amounted to US$6.1 billion. The Bank disbursed more than US$104 billion between 2016 and 2023. Afreximbank has investment grade ratings assigned by GCR (international scale) (A), Moody’s (Baa1), Japan Credit Rating Agency (JCR) (A-) and Fitch (BBB). Afreximbank has evolved into a group entity comprising the Bank, its impact fund subsidiary called the Fund for Export Development Africa (FEDA), and its insurance management subsidiary, AfrexInsure, (together, “the Group”). The Bank is headquartered in Cairo, Egypt.

The woes of Kampala City traders may come to an end, if the current negotiations with government yield tangible solutions.

Hon. David Bahati, the Minister of State of Trade, Industry and Cooperatives (Industry), informed Parliament during plenary sitting on Tuesday, 16 April 2024 that should the Executive make a break through, a statement will be presented to Parliament on Wednesday, 17 April 2024.

The traders, under their umbrella body, Kampala City Traders Association (KACITA) commenced a strike which has seen several shops in down town Kampala closed since 08 April 2024. 

Among other challenges, the traders are protesting the enforcement of the Uganda Revenue Authority’s (URA) Electronic Fiscal Receipting and Invoicing Solution (EFRIS) system, saying that they were not sensitised and also lack the requisite infrastructure to use the system.

“The Trade Ministry and that of Finance are meeting traders currently and I request to make a statement tomorrow on progress. “We are working tirelessly because we do know how this affects the economy,” said Bahati. 

He was responding to Speaker Anita Among who in her communication, reiterated the urgency of resolving the concerns of the traders. 

“Last week, the House specifically deliberated upon the concerns regarding the electronic fiscal receipting and invoicing system for which the House recommended a constructive engagement between Uganda Revenue Authority and the traders,” she said.

Among added: “In the same vein, we reiterate our earlier recommendation for dialogue to amicably resolve any of the sticky issues that are being raised because it has gone beyond the electronic invoicing.”

She noted that the traders are further frustrated because majority are not aware of the taxes they are paying. 

“There is a lot of uncertainty on how much taxes the traders are paying, people need to know how much they are paying,” she said. 

The Leader of the Opposition, Hon. Joel Ssenyonyi, underscored the need for government to expeditiously resolve the issue. 

“There is an emergency issue, the Executive should talk to the traders because the strike has a huge impact,” Ssenyonyi said. 

Kalungu West County Member of Parliament, Hon. Joseph Ssewungu proposed halting of the EFRIS in the interim, as a long lasting solution is being sought. 

“Halt the system and train the traders so that we can have sanity,” said Ssewungu. 

Distributed by APO Group on behalf of Parliament of the Republic of Uganda.

The Islamic Development Bank (IsDB) Group’s (www.IDBGBF.org) private sector institutions, including the Islamic Corporation for the Insurance of Investment and Export Credit (ICIEC), the Islamic Corporation for the Development of the Private Sector (ICD), and the International Islamic Trade Finance Corporation (ITFC), are proud to announce the upcoming “Private Sector Forum,” which will take place on April 28-30, 2024, at the Intercontinental Riyadh Hotel, Saudi Arabia, on the sidelines of the IsDB Group Annual Meetings and Coinciding with the celebration of the Golden Jubilee of the Islamic Development Bank under the High Patronage of the Custodian of the Two Holy Mosques King Salman bin Abdulaziz Al Saud.  

This year’s theme, “Cherishing our Past, charting our Future: Originality, Solidarity, and Prosperity”, reflects our dedication to honouring our rich heritage while paving the way for a future filled with innovation and shared success.

PSF 2024 Aims to:

Foster unparalleled networking opportunities for stakeholders from the global business community to exchange insights and success stories.,
Showcase the IsDB Group’s substantial contributions to advancing Public-Private Partnerships (PPPs) and supporting Vision 2030 in the Kingdom of Saudi Arabia.
Connect the business communities within our Member Countries through B2B and B2G meetings.
Provide a platform for partners and startups to showcase their innovations and services they offer.
Celebrate achievements of organizations and individuals through IsDB Group Awards Ceremony.

The event is expected to attract more than 2,500 participants, including government officials, Chairmen, Presidents, and CEOs of local and international companies, multilateral and financial institutions, chambers of commerce and industry, business associations, investment promotion agencies, individual investors, and entrepreneurs. The Forum will also facilitate parallel B2B and B2G meetings, enabling business communities across member countries to establish valuable connections. The event will feature an exhibition for partners and a competition for start-ups, and for the first time, notable organizations and personalities will be recognized and awarded by the IsDB Group entities.

The Private Sector Forum will also feature prominent speakers sharing their in-depth perspectives with the IsDB Group Entities Chief Executive Officers, Mr. Oussama Kaissi, the CEO of ICIEC, Eng. Hani Salem Sonbol, the CEO of ITFC, and the Acting CEO of ICD. The speakers will share success stories, experiences, and best practices for promoting investment and trade opportunities in member countries.

For further information, please refer to the event’s website (www.ISDBG-PSF.org). The Private Sector Forum is a significant opportunity for partners and leading stakeholders to foster relationships, share knowledge and expertise, and discover new investment and trade opportunities.

Distributed by APO Group on behalf of Islamic Development Bank Group Business Forum (THIQAH).

Media Contacts:
Islamic Corporation for the Insurance of Investment and Export Credit (ICIEC)
Rania Binhimd
Communication Department
Email: Rbinhimd@isdb.org

International Trade Finance Corporation (ITFC)
Tel: +966 12 646 8337
Fax: +966 12 637 1064
E-mail: ITFC@itfc-idb.org

Islamic Development Bank Group Business Forum (THIQAH)
Email: THIQAH@isdb.org

Social Media:
Islamic Corporation for the Insurance of Investment and Export Credit (ICIEC)
X: https://apo-opa.co/49b1yOm
Facebook: https://apo-opa.co/4asvVAU
LinkedIn: https://apo-opa.co/4a2ZclK
YouTube: https://apo-opa.co/4a813FU

Islamic Corporation for the Development of the Private Sector (ICD)
Twitter: @ICD_PS
LinkedIn: ICDPS
Facebook: @icdps
YouTube: ICDPS

International Trade Finance Corporation (ITFC)
Twitter: https://apo-opa.co/49nwieY
Facebook: https://apo-opa.co/49eQEIa
Linkedin: International Islamic Trade Finance Corporation (ITFC)

Islamic Development Bank Group Business Forum (THIQAH)
Twitter: @IDBGTHIQAH
Facebook: @IDBGTHIQAH
LinkedIn: IsDB Group Business Forum – THIQAH

About Islamic Development Bank (IsDB):
The Islamic Development Bank is a multilateral development bank that works to improve the lives of those it serves by promoting social and economic development in Muslim countries and communities around the world and making a difference at scale. Through collaborative partnerships between communities in its 57 member countries, the Bank seeks to equip communities to drive their own economic and social progress at scale, and put the infrastructure in place to enable them to realize their potential. The Bank’s new business model of “making markets work for development” contributes to enhancing the competitiveness of our member countries in strategic industries in order to improve participation and upgrading in global value chains. This is in the field of food and agricultural industries, textiles, clothing, leather, shoes, petrochemicals and petroleum, construction, and Islamic finance. The Bank also promotes innovative and sustainable solutions to the biggest development challenges in the world, and takes advantage of the scientific potential in technology and innovation as strategic drivers of economic growth, and we also work to achieve the United Nations sustainable development goals.

About The Islamic Corporation for the Insurance of Investment and Export Credit (ICIEC) :
ICIEC commenced operations in 1994 to strengthen economic relations between OIC Member States and promote intra-OIC trade and investments by providing risk mitigation tools and financial solutions. The Corporation is uniquely the only Islamic multilateral insurer in the world. It has led from the front in delivering a comprehensive suite of solutions to companies and parties in its 49 Member States. ICIEC, for the 16th consecutive year, maintained an “Aa3” insurance financial strength credit rating from Moody’s, ranking the Corporation among the top of the Credit and Political Risk Insurance (CPRI) Industry. ICIEC’s resilience is underpinned by its sound underwriting, reinsurance, and risk management policies. Cumulatively, ICIEC has insured more than US$ 108bn in trade and investment. ICIEC activities are directed to specific sectors – energy, manufacturing, infrastructure, healthcare, and agriculture.

For more information, visit: http://ICIEC.IsDB.org

About the Islamic Corporation for the Development of the Private Sector (ICD): 
The Islamic Corporation for the Development of the Private Sector (ICD) is a multilateral organization affiliated with the Islamic Development Bank (IsDB). It supports the economic development of its member countries by providing financial assistance to private sector projects in accordance with the principles of Shari’ah. It also mobilizes additional resources for projects and encourages the development of Islamic finance. ICD’s operations complement the activities of IsDB in member countries and also those of national financial institutions. ICD has 55 member countries and five public financial institutions as its shareholders and has an authorized capital of USD 4 billion.

Website: https://ICD-PS.org

About the International Trade Finance Corporation (ITFC):
The International Islamic Trade Finance Corporation (ITFC) is a member of the Islamic Development Bank (IsDB) Group. It was established with the primary objective of advancing trade among OIC member countries, which would ultimately contribute to the overarching goal of improving socioeconomic conditions of the people across the world. Commencing operations in January 2008, ITFC has provided US$ 75 billion of financing to OIC member countries, making it the leading provider of trade solutions for these member countries’ needs. With a mission to become a catalyst for trade development for OIC member countries and beyond, the Corporation helps entities in member countries gain better access to trade finance and provides them with the necessary trade-related capacity building tools, which would enable them to successfully compete in the global market.

About the Islamic Development Bank Group Business Forum (THIQAH)
The Islamic Development Bank Group Business Forum (THIQAH) is the window of the IsDB Group that facilitate contact and coordination between entities concerned of the IsDB Group and private sector firms and related institutions in IsDB Group member countries. The main objective of THIQAH is to establish a unique platform for effective dialogue, cooperation and inclusive partnership for business leaders committed to partnering in promising investment opportunities. Through facilitation and catalyst roles, THIQAH will be leveraging IsDB Group’s resources to offer necessary services and confidence to investors and to establish strategic partnerships with the leaders of the private sector. The primary focus will be on maximizing cross-border investment among member countries to be supported by IsDB Group’s financial products and services. (www.IDBGBF.org)