Azure MFA needs anti-phishing features such as including location details and notifying users about new devices
Users can sometimes approve MFA notifications on their device because they do not know whether it is their device authenticating or a hacker who has phished their credentials. Therefore, to help users know why they are being asked to accept authentication, include additional details such as the application name, IP address and location in the MFA prompt. Apple includes the location and a map of the location in their own two-factor implementation.
Additionally, users should be notified with an email any time a new device is used to authenticate to their account.
andy webb commented
Absolutely agree with this. I'm constantly getting unexpected authentication requests in my authenticator app from the OneDrive sign-on on a laptop I don't travel with. 4 laptops, 2 mobile devices. I really need to know the context of the authentication request.
I 100% agree. I am actually working with an Azure MFA PFE this week on tweaking our MFA implementation, and commented the same thing to him almost verbatim.