Emails reported to the Information Security Office or Help Desk will be listed here. The emails will be identified as phishing or legitimate, with helpful clues as to why the message is malicious or legitimate. Contact email@example.com to report a phishing email.
Spoofed SSO and Duo Authentication Prompt
By Jerry Tylutki
March 10, 2023
Tags: Compromised credentials, Information Security, Phishing
Be cautious when receiving email messages that appear to be from Hamilton College. Provided are two screen captures from a recent phishing message. They were taken from the webpage the message redirects to, which spoofs the legitimate Hamilton Single Sign-On and Duo authentication pages.
Note that the URL is not a valid Hamilton College URL!
This is a spoofed Hamilton College Duo authentication page. There are some obvious signs that this is a malicious, spoofed webpage:
- The URL is not a valid Hamilton College URL.
- "Remember me" is set to 90 days. Hamilton College has a 15-day "Remember me".
- Hamilton College allows for Push and Telephone; there are no Duo prompts that accept only a passcode when you are authenticating from a mobile device.