Duo Scams
Two-Factor Authentication Scams
Phishing Tips
Learn how to spot emails trying to trick you into clicking something you shouldn't.
Hackers often use phishing emails to try to lure you into giving up your Rowan NetID and password.
While Duo two-factor authentication helps protect your account from unauthorized access, hackers are using new tactics to try to break down your defenses and get access to your information, including:
Fake Login Pages
Hackers are creating fake login pages that look really similar to legitimate Rowan University websites to try to get access to your account. You may be directed to one of these pages if you click on a link from a phishing email, like the one shown below. In addition to our other phishing tips, be particularly wary of links in emails marked as [SUSPECTED SPAM] in the subject line. This label is applied to emails flagged by our system's anti-spam tools.
Then, you’ll be directed to a page that looks like the sign-on page you’re used to seeing for Rowan applications. Often, the only way you can tell a fake from the real thing is by carefully looking at the URL. The URL may include rowan.edu, but only after a .net, .com or other domain that is not Rowan's, like xyz.com/rowan.edu/cas/login, as shown below. When you are logging in to applications protected by Rowan’s single sign-on service, the URL will always start with login.rowan.edu.
Once you provide your NetID and password in a fake login page, you may be redirected to another site, asking you to verify your identity through two-factor authentication. This page may appear similar to a legitimate Duo prompt, but will only offer one option: entering a passcode.
If you provide a passcode, the hacker now has everything they need to fully access your account: your Rowan NetID, password and a real Duo passcode to verify your identity.
You must be vigilant to protect your account. Always verify the URL before entering your NetID, password or Duo passcodes into a website.
Pay particular attention to the text between https:// and the next / in URLs: https://irt.rowan.edu/help is a legitimate Rowan University website, while https://irt.scam.com/rowan.edu/help is not.
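The URL check described above, written out as code a help desk or mail-filtering script could apply to a reported link. This is an added example, not code from Rowan: the function name classifyLink and the verdict labels are hypothetical, it assumes every legitimate Rowan site sits under rowan.edu, and the sample links other than the ones quoted on this page are constructed.

```javascript
// Added example: decide whether a link really points at a Rowan host.
const SSO_HOST = "login.rowan.edu"; // from the page: SSO URLs always start with this
const ORG_DOMAIN = "rowan.edu";     // assumption: legitimate sites live under this domain

function classifyLink(raw) {
  let text = String(raw).trim();
  // Links are often pasted without a scheme (xyz.com/rowan.edu/...); add one
  // so the parser can separate the host from the path.
  if (!/^[a-z][a-z0-9+.-]*:\/\//i.test(text)) text = "https://" + text;

  let url;
  try {
    url = new URL(text);
  } catch {
    return { verdict: "unparseable", host: null };
  }

  // The host is the text between "https://" and the next "/".
  const host = url.hostname.toLowerCase().replace(/\.$/, "");
  if (url.protocol !== "https:") return { verdict: "not-https", host };
  if (host === SSO_HOST) return { verdict: "rowan-sso", host };

  // Match on a dot boundary: "irt.rowan.edu" passes, "notrowan.edu" does not.
  if (host === ORG_DOMAIN || host.endsWith("." + ORG_DOMAIN)) {
    return { verdict: "rowan-site", host };
  }

  // A Rowan name in the path, query or host of a non-Rowan site is the
  // fake-login pattern this page describes.
  const rest = (url.pathname + url.search).toLowerCase();
  const mentionsRowan = rest.includes(ORG_DOMAIN) || host.includes("rowan");
  return { verdict: mentionsRowan ? "lookalike" : "other", host };
}

// Sample links: the first three appear on this page, the rest are constructed.
const samples = [
  "https://irt.rowan.edu/help",
  "https://irt.scam.com/rowan.edu/help",
  "xyz.com/rowan.edu/cas/login",
  "https://login.rowan.edu/",
  "https://notrowan.edu/login",
  "http://login.rowan.edu/",
];
for (const link of samples) {
  const { verdict, host } = classifyLink(link);
  console.log(`${verdict.padEnd(11)} ${host}  <-  ${link}`);
}
```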
Repeated Duo Prompts
Another tactic used by hackers to gain access to your account is sending your phone a barrage of Duo sign-in requests with the intent to frustrate you enough to approve access — even if you didn’t initiate the login attempt.
Since hackers need to have your username and password to launch this type of attack — known as multi-factor authentication (MFA) fatigue — you can stop it by changing your password at netid.rowan.edu. For help, follow our step-by-step instructions on updating your Rowan NetID password.