May 3, 2023

Two-factor authentication scams

Cyber thieves and other adversaries are creating fake login pages that look similar to legitimate UW authentication and Duo web pages to try to get access to your UW NetID account. You may be directed to one of these pages if you click on a link from a phishing email, like the one shown below. Please note that these emails may appear to be from a UW email address, but they are sent from compromised accounts.

Once you have clicked the link, you may be taken to a page that looks like the image below. One way to spot a fake login page is to check the URL. When you are logging in to applications that are protected by UW’s single sign-on service, the URL will start with idp.u.washington.edu. Other legitimate services may appear as well, such as Microsoft, whose URL will begin with login.microsoft.com, or the Duo 2FA challenge page, which begins with https://us.azureauth.duosecurity.com/authorization.

Please note that the best way to access services is to navigate online to the portal for the service rather than clicking on links in email.
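For staff who triage reported links, the URL check described above can be automated. The following is an added example, not UW's own tooling; it compares the full hostname rather than the start of the string, because a lookalike address can begin with idp.u.washington.edu and still belong to another domain. The allowlist holds only the three addresses named above, and the sample URLs (including the paths and the .example hosts) are constructed.

```python
from urllib.parse import urlsplit

# Host -> required path prefix, taken from the URLs named in the advisory.
TRUSTED = {
    "idp.u.washington.edu": "/",
    "login.microsoft.com": "/",
    "us.azureauth.duosecurity.com": "/authorization",
}

def check_login_url(url):
    """Return (trusted, reason) for a URL copied from an email or address bar."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")  # hostname is lowercased
        port = parts.port  # raises ValueError on a malformed port
    except ValueError as exc:
        return False, f"unparseable URL: {exc}"
    if parts.scheme != "https":
        return False, "scheme is not https"
    if parts.username is not None or parts.password is not None:
        return False, "text before '@' is userinfo, not the host"
    if port not in (None, 443):
        return False, f"unexpected port {port}"
    prefix = TRUSTED.get(host)  # exact match on the whole hostname
    if prefix is None:
        return False, f"host {host!r} is not a known login host"
    if not (parts.path or "/").startswith(prefix):
        return False, f"unexpected path {parts.path!r} on {host}"
    return True, "ok"

# Constructed sample URLs; the .example hosts are placeholders.
SAMPLES = [
    "https://idp.u.washington.edu/idp/login",
    "https://us.azureauth.duosecurity.com/authorization?tx=constructed",
    "https://idp.u.washington.edu.login-check.example/idp/login",
    "https://idp.u.washington.edu@login-check.example/",
    "http://idp.u.washington.edu/idp/login",
    "https://us.azureauth.duosecurity.com/frame/prompt",
]

if __name__ == "__main__":
    for url in SAMPLES:
        trusted, reason = check_login_url(url)
        print(f"{'OK  ' if trusted else 'FAIL'} {url}  ({reason})")
```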

 

If you provide your UW NetID and password on this fake login page, you may be redirected to yet another page which will ask you to verify your identity with 2FA. This page may appear similar to a legitimate Duo prompt, but it only offers one option: entering a pass code.

What to do if you receive a false Duo prompt

  • If you receive unprompted 2FA authentication requests, DO NOT authenticate them. Hit “Deny” and report it as a suspicious login. Change your password immediately.
  • If you suspect an email may be a phishing attempt, please forward the message as an attachment, and if possible, take a screenshot of the instance and forward it to security@uw.edu.
  • If you think you may have accepted an attacker’s false Duo 2FA prompts, or have been exposed to a phishing attempt via phone or email, please change your password immediately and contact security@uw.edu.

Remember!

  • One common way that UW accounts are compromised in the first place is through reuse of UW NetID passwords on other accounts. Make sure your password or passphrase is unique. Find other tips on our passwords infographic.
