The US Cybersecurity and Infrastructure Security Agency (CISA) has published guidance on how organizations can protect against phishing and other threats by implementing phishing-resistant multi-factor authentication (MFA) and number matching in MFA applications.
