Stay vigilant for phishing emails

UND has seen multiple compromised accounts recently, most of which have had their direct deposit information changed to another account.

All UND employees must be vigilant about the emails they receive, the information they provide upon request, and Duo prompts when they aren’t logging in.

Malicious emails are coming from various Gmail accounts and other sources with email subjects that include “Updated insurance policy” and “Faculty Development and Support.”

Please remember these Duo security and authentication best practices:

1. Do Not Approve Unknown Authentication Attempts: If you receive a Duo push notification or phone call that you did not initiate, do not approve it. This could be an indication that someone is attempting to access your account without your permission. Reset your password immediately.
2. Do not put your username and password into Google Docs sent through email.
3. UIT will never request passwords, confidential information, or DUO confirmation over the phone or by email.
4. Report Suspicious Activity: If you encounter any suspicious Duo authentication attempts, please reset your password and report them immediately to our IT security team. Prompt reporting helps us take swift action to protect your account and our network.
5. Regularly Review Your Duo Settings: Ensure that your Duo settings are up-to-date. This includes verifying your registered devices and ensuring that your contact information is current.
6. Never Share your Password: If given to anyone else, that person gets to impersonate you and make you responsible for anything they do. If someone needs access to a system, they need to request access for themselves and not use your credentials.

If you have any questions or concerns, don’t hesitate to contact UND Tech Support for assistance.