43F3E567-FFDF-97F2-5210965A481A0307
E1C5E591-6E22-4D25-860D8270E77C410B

Emails reported to the Information Security Office or Help Desk will be listed here. The emails will be identified as phishing or legitimate, with helpful clues as to why the message is malicious or legitimate. Contact infosec@hamilton.edu to report a phishing email.

Spoofed SSO and Duo Authentication Prompt

By Jerry Tylutki

Tags Compromised credentials Information Security Phishing

Be cautious when receiving email messages that appear to be from Hamilton College. Provided are two screen captures from a recent phishing message. These screen captures are taken from the redirected webpage which spoofs the legitimate Hamilton Single Sign-On and Duo authentication pages.

Note that the URL is not a valid Hamilton College URL!

Phishing alert - spoofed SSO login

Phishing Alert - Spoofed Duo

This is a spoofed Hamilton College Duo authentication page. There are some obvious signs that reflect this is a malicious, spoofed webpage:

  1. URL is not a valid Hamilton College URL
  2. Remember me is set to 90 days. Hamilton College has a 15 day Remember me.
  3. Hamilton College allows for Push and Telephone; there are no Duo prompts that will only accept a passcode if you are authenticating from a mobile device.


All Entries

Contact

Jerry Tylutki

Information Security Officer

Help us provide an accessible education, offer innovative resources and programs, and foster intellectual exploration.

Site Search