Be Careful when Approving MFA

Start of the Scamming 

  • At the start of the semester, we often see a rise in online scams targeting students, staff, and faculty. Be cautious of unsolicited emails, including those from CSULB accounts that are attempting to lure you with attractive job offers, scholarships, or documents to share that appear unusual. You should also be aware of unexpected Multi-Factor Authentication (MFA) notifications, that is, MFA requests that are sent to you when you are not actively logging in. This is often a sign of someone trying to access your account, so do not accept such requests if you did not initiate them. If you are unsure of the validity of an email, forward it to alert@csulb.eduand the Division of IT will validate (or not) the message. You can also reference our CSULB Phish Bowl site of known reported phishing attempts targeting our campus.

What to do When You Receive an Unexpected Two-Step Authentication Request

Never approve an authentication request from Microsoft Authenticator if you have not been attempting to log into a UNC or Microsoft resource. Depending on which type of authentication request you chose, these requests may come as push notifications, text messages or phone calls. Do not approve or accept any request for authentication if you did not do something to trigger that request.