Skip to Content

AZ-500: How Do Users Report Fraud with Azure AD MFA to Automatically Block Their Account?

By: Author Alex Lim

Posted on

Categories AZ-500

Home » Exam » AZ-500 » AZ-500: How Do Users Report Fraud with Azure AD MFA to Automatically Block Their Account?

Can You Report an MFA Fraud Alert via Email in Azure AD?

Discover the correct procedure for the AZ-500 exam on how users report fraudulent MFA attempts in Azure AD. Learn why the fraud alert feature uses interactive prompts on a phone or app and does not support reporting via email.

Question

With Azure AD MFA, you can automatically block authentication for users who report fraud via email to a support address.

A. FALSE
B. TRUE

Answer

A. FALSE

Explanation

Users can report fraud using a code via phone (0 by default).

The statement is false because the automated fraud alert feature in Azure AD Multi-Factor Authentication is designed for immediate, real-time reporting by the user during a fraudulent MFA attempt. It does not integrate with email systems for this purpose.

The fraud alert feature works through the specific MFA methods being used:

  • Phone Call: When a user receives an MFA verification phone call that they did not initiate, they can hang up and report it as fraud by entering a specific code (the default is 0#).
  • Microsoft Authenticator App: If a user receives an unexpected push notification in the Authenticator app, they can deny the request and then select the “Report Fraud” option.

When a user submits a fraud alert through either of these methods, an automatic process is triggered. The user’s account is immediately blocked from signing in for a default period of 90 days or until an administrator unblocks it. This immediate blocking is a critical security measure to prevent an attacker from gaining access.

Configuring this feature to work via email would not be practical or secure. Email is an asynchronous communication method, and there would be a significant delay between the user sending an email and a system being able to parse it and take automated action. The built-in fraud alert mechanism is designed for instant response at the moment the fraudulent attempt is detected by the end-user.

Microsoft AZ-500 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the Microsoft AZ-500 exam and earn Microsoft AZ-500 certification.