Scammers use social engineering tactics to gain access to organizational systems and cause data breaches. One tactic that has increased recently is MFA fatigue, which overwhelms users with continuous MFA notifications (such as the UTORMFA Duo Mobile prompts) until they approve the login request to stop the surge of notifications being sent to their devices.
How to protect yourself from MFA fatigue
- If you receive a Duo Mobile push notification for UTORMFA or other MFA-enabled accounts that you did not initiate, do not approve the request.
- Immediately change your UTORid password and contact the IT Helpdesk for additional recommendations.
Additional resources for digital safety
- Enrol in UTORMFA to add an extra layer of security to your U of T accounts.
- Protect your online account with unique and strong passwords.
- Learn how to identify and report phishing.