Beware of fraud
What is a fraudulent 2FA request?
A fraudulent 2FA request is one you receive that was initiated by someone else trying to sign in as you. Only approve 2FA requests you initiate yourself, knowingly and intentionally.
Examples
- You’re eating dinner with friends and your smartphone suddenly displays a Duo Mobile notification. It comes as a surprise and may be fraudulent because you’re eating and not signing in to any systems.
- You’re in your office reading when you receive an unexpected call from Duo to approve a request to sign in. The call is a surprise and may be fraudulent because you were reading and not signing in to any systems.
What should I do if I receive an unexpected 2FA request?
Do not approve a 2FA request you did not initiate yourself, knowingly and intentionally. An unexpected 2FA request may be a fraudulent, unauthorized attempt to sign in as you.
Report fraud
Unexpected Duo Mobile notification
- StepsActions
- Did you receive an unexpected push notification from Duo? One you didn’t initiate?
- Do NOT approve the request.
- Instead, tap the Deny button.
- Duo Mobile may ask why you are denying the request. If you suspect fraudulent activity, select It seems fraudulent to report it to UW-IT. Select It was a mistake if you know it wasn’t fraudulent.
- Change your password to ensure your account is secure.
Unexpected phone call from Duo
- StepsActions
- Did you receive an unexpected phone call from Duo? One you didn’t initiate?
- Do NOT approve the request.
- Instead, hang up without pressing any button.
- If you suspect fraudulent activity, report it by contacting the UW-IT Service Center.
- Change your password to ensure your account is secure.
Unexpected request to enter a Duo passcode
- StepsActions
- Is an unusual website asking you to enter a Duo passcode? One you didn’t expect?
- Do NOT enter a passcode.
- Instead, exit your web browser.
- If you suspect fraudulent activity, report it by contacting the UW-IT Service Center.
- Change your password to ensure your account is secure.