Falling for a Phish Can Lead to an MFA Bombing Attack

Phishing attacks are frequently carried out through emails or texts that appear to come from a reputable source. Cybercriminals are skilled at using deceitful tactics to trick users into revealing personal information such as logins or credit card information. Common phishing tactics include:

Unsolicited work opportunities that lead to requests for bank routing information, or ask the new “employee” to purchase supplies, with the promise of reimbursement
Messages warning of an imminent deactivation of your accounts, such as bank accounts, social media accounts, or subscription services
Emails allegedly from the IRS, FBI, or other federal agency threatening legal action, and directing you to imposter websites requiring you to enter personally identifying information
Urgent requests from fake email accounts impersonating a high-level person in your organization, asking you to purchase gift cards or submit your credit card information.

Pay close attention to any email asking for GatorLink login credentials. Unauthorized access to your GatorLink account can expose your personal or academic information. Once a GatorLink login is compromised, the attacker may repeatedly spam Duo Push requests to your device — otherwise known as “MFA Bombing” — hoping you will accept just to make the requests stop. Approving an unexpected Duo request gives the criminal access to your account. Visit the MFA bombing webpage to learn more about this form of cyberattack.

Change Coming to Email Login Experience

Modern Authentication will be enabled for supported email clients on Sunday, Sept. 26. This change is necessary to strengthen UF’s security posture: “Modern Auth” provides a more secure login experience and allows usage of multi-factor authentication for supported email clients.

How Does This Change the User Experience?
Anyone who uses an email client that supports Modern Auth will initially see a change in their login experience. After Sept. 26, users will receive a prompt similar to the login.ufl.edu webpage. Users of MS Teams, or the Outlook for iOS/Android login procedure, will be familiar with this new experience. When Modern Auth is implemented, users will also validate with multi-factor authentication. Once successfully authenticated, users will not be prompted for a password again until:

1. Their GatorLink password is changed or expires.
2. Their supported email client is inactive for more than 90 days.

What is NOT happening?
Basic authentication is NOT being disabled. UF email clients using basic authentication (e.g., IMAP and older versions of Outlook) will continue to work as expected.

Whenever a change is made to email, there is always a concern that someone may inadvertently fall victim to email scams intended to steal UF login credentials. Anyone with questions or concerns about the legitimacy of an email should contact the UF Computing Help Desk (132 HUB, helpdesk@ufl.edu, 352-392-HELP/4357).