Trouble in two-factor paradise: Hackers double down on Duo scams

03/17/2023

Duo, U-M’s two-factor authentication service, has become the latest technology targeted by hackers. Earlier this month, leaders in Michigan Medicine’s Information Assurance (MM:IA) team rang the alarm bell.

Duo screen asking if it is a suspicious log in with a Deny and Accept button.

If you’re like most people, being prompted for payment or personal information out of the blue raises a red flag. And for good reason: the majority of fraud, including online scams and phishing attacks, involves unsolicited requests for money or private data.

Lately, one such exploit has spread across the university under the guise of trusted technology.

Duo, U-M’s two-factor authentication service, has become the latest technology targeted by hackers. Earlier this month, leaders in Michigan Medicine’s Information Assurance (MM:IA) team rang the alarm bell.

According to MM:IA, here are the steps you can take to protect yourself:

Identifying and reporting Duo Mobile scams

You may receive a notification from Duo prompting you to approve or deny a U-M log-in attempt.

Always check the location of the request, as this is an indicator of potential fraud.

Furthermore, if you receive a Duo prompt at a time when you are not attempting to log into a university account, select ‘Deny,’ then tap ‘Yes’ to report the login as suspicious. Reporting is key for MM:IA to quickly respond to any potential threats.

Remember, Duo will only send you a two-factor authentication prompt if you are attempting to log into a system at the same time. Otherwise, deny the request.

You can easily avoid falling susceptible to the Duo exploit. If and when you receive a prompt asking for login approval, ask yourself whether you are simultaneously logging onto a U-M account. If you are not, select ‘Deny,’ then ‘Yes’ to report the suspicious login attempt.

Play your part: keep Michigan Medicine and yourself cyber safe.

Other important resources

Stay current with IA:MM Education & Awareness:

Safe Computing website
Scams and Fraud
Phishing and suspicious email