Do NOT respond to emails from unknown senders
Do NOT respond to emails from unknown senders

Having trouble viewing this email? View online
 
September 9, 2022
Dear students,
Yesterday the Duke community experienced a wave of phishing attacks. You might have received an unexpected email with one of the following subject lines:
  • Unicef Employment
  • Warning
  • Urgent Warning
  • No Subject Line
Do not respond to these emails. They are phishing attacks.
Duke will NEVER ask for your password or MFA codes. Duke will NEVER ask for the response to come from a non-Duke address.
You can sign up for IT Alerts for security updates in real time.
Some of the messages contained links in the actual message, a PDF file with a single link, or a PDF file offering the recipient a job with Unicef and the gmail address to contact.
If you responded to one of these messages AND provided your Duke credentials (username, password, security questions, or MFA codes) immediately contact the Duke Service Desk - oit.duke.edu/help - or Duke's IT Security Office - security.duke.edu for assistance in resetting your password. You can also email help@duke.edu or security@duke.edu.
If you receive SMS texts with new Duo codes, or receive a Duo push and were not expecting it, then you should NOT respond. Report the occurrence to security@duke.edu.
screenshot of duke oit help page
More information about the attacks: The attacker is taking advantage of recipients to bypass Duke's multifactor authentication security protocols by trying to convince students, faculty, and staff to provide their credentials on a fraudulent web page, OR contacting the Duke user directly if they have provided their cell phone number and asking them to provide the Duo code. Unfortunately, some have provided the information, allowing the attacker to contact thousands more in the Duke system.
As a reminder, the best way to submit suspicious emails to IT Security is via the "Report Phish to Duke" button available in any Outlook client (PC, Mac, web, or mobile). We encourage students to also sign up for IT Alerts for updates in real time.
Click here to sign up for IT Alerts!
Thank you, and Go Duke!
Student Affairs
Office of Information Technology
This email was sent to: kristin.lobiondo@duke.edu.