Recent phishing attacks are becoming more and more sophisticated, and we would like to encourage you to protect your Auburn account information by enabling 2-Factor Authentication, also known as 2FA. Even if you've never heard of 2FA, chances are you've used it. Does your bank sometimes call you to confirm your identity? Or does Amazon send you a code via text before you can login? That's 2-Factor Authentication.

Auburn University uses Duo as an added layer of protection – it's like a second password for your account. Not only does 2FA protect you from unauthorized logins, but it can help protect you from phishing attacks as well. How? Some attacks may encourage you to click accept on a Duo request – but Duo and Auburn will NEVER ask you to authorize Duo through your email. You select your Duo authorization method, so you will know immediately that any other request is spam. If you receive a Duo request that you did not initiate, please reject it and mark it as fraud! Someone from the CyberSecurity team will contact you for further information. 

You can also trust that no one will ever ask you for your password via email. If you feel like you have entered your credentials someplace you shouldn't, we urge you to change your Auburn password immediately. If you use that same password elsewhere, please consider changing those as well. And if you feel like you've gotten a suspicious email, please forward it to infosec@auburn.edu. You can also contact helpdesk@auburn.edu if you're not sure. When in doubt, don't enter your login information!

For more information on phishing attacks, go to the OIT CyberSecurity Center Website.