Report Fraudulent 2FA Requests
Information on fraudulent requests and what to do when receiving one
A fraudulent 2FA request is one you receive that was initiated by someone else trying to sign in as you. Only approve 2FA requests you initiate yourself, knowingly and intentionally. If you receive a prompt you didn't initiate means that someone has your password and you should change your password immediately.
Examples:
You’re eating dinner and your smartphone suddenly displays a Duo Mobile notification. It comes as a surprise and may be fraudulent because you’re eating and not signing in to any systems.
You’re watching a movie when you receive an unexpected call from Duo to approve a request to sign in. The call is a surprise and may be fraudulent because you were not signing in to any systems.
What should I do if I receive an unexpected 2FA request?
Do not approve a 2FA request you did not initiate yourself, knowingly and intentionally. An unexpected 2FA request may be a fraudulent, unauthorized attempt to sign in as you. This means that someone has your password and you should change it immediately.
Did you receive an unexpected push notification from Duo? One you didn’t initiate?
Do NOT approve the request.
Instead, tap the Deny button.
Duo Mobile may ask why you are denying the request. If you suspect fraudulent activity, select Yes It seems fraudulent to report it to IST Service Desk. Select No It was a mistake if you know it wasn’t fraudulent.
Did you receive an unexpected phone call from Duo? One you didn’t initiate?
Do NOT approve the request.
Instead, hang up without pressing any button.
If you suspect fraudulent activity, report it by contacting the IST Service Desk.
Is an unusual website asking you to enter a Duo passcode? One you didn’t expect?
Do NOT enter a passcode.
Instead, exit your web browser.
If you suspect fraudulent activity, report it by contacting the IST Service Desk.