Duo Phishing Scams on the Rise at CSU
Release Date: August 08, 2024
CSU is seeing an increase in texting phishing attempts, targeting false authentication through Duo.
Attackers may falsely suggest your Microsoft accounts are being terminated and then request you answer a phone call or approve a Duo push from the IT Department. By doing so, attackers gain access to your information and render Duo ineffective.
Signs that your account has been compromised and attackers are trying to get around Duo include:
- Receiving Duo requests for authentication when you are not trying to log in.
- Receiving many authentication requests in a row.
What to do if you think your CSU account is under attack and your credentials have been compromised: ·
- Navigate to the
- Log in with your CSU credentials
- Approve the Duo MFA request
- Reset your password
This will stop the MFA attack in its tracks since the attackers no longer have your CSU credentials.
The Division of IT will never ask you for your information via text message and will communicate with you through official channels. To learn more about phishing attempts and staying safe online, please visit the . For help, call (970) 491-7276 or email help@colostate.edu.
