IT security tip: Receive a Duo push you didn’t expect?

If you receive an unexpected Duo push, select "Deny."
When you log in to a University of Utah IT system, typically with your uNID and password, the next step for many users is a Duo “push” (i.e., a notification on a mobile device to approve the login). However, have you ever received a Duo push unexpectedly, when you did not attempt to log in?
This is called a multifactor authentication, or MFA, fatigue attack. This type of attack happens when a criminal already knows your username and password and uses them to attempt a login, which sends the push to your device. You may be inclined to approve the push, to “make it go away.” Unfortunately, if you do, you have just given a criminal access to your account.
Here are the steps to take when you unexpectedly receive a Duo push:
- Select the “Deny” button on the Duo Mobile app
- Immediately change your password at cis.utah.edu
- Notify IT Security Operations Center staff (soc@utah.edu or 801-587-1925) so they can provide further assistance
You can read more about MFA fatigue attacks on the Duo blog.
Also, this IT Knowledge Base article (login required) provides more information about Duo at the University of Utah.