Never approve an authentication request from Microsoft Authenticator or Duo if you have not been attempting to log into a UNC or Microsoft resource. Depending on which type of authentication request you chose, these requests may come as push notifications, text messages or phone calls. Do not approve or accept any request for authentication if you did not do something to trigger that request.
If you receive a push notification not in conjunction with a login you initiated, you can report it directly from your mobile phone in both the Duo and the Microsoft Authenticator apps by selecting “DENY.” Microsoft Authenticator allows you to quickly highlight your concern and starts a help desk ticket to help evaluate the situation and the access to your account.
If you accidentally approved a push notification in either app or if you received an unexpected voice call from Microsoft, you should report these to the service desk, or call (919) 962-HELP immediately. In rare cases, this could be attempted abuse by someone with knowledge of your password.
If it is a one time request and you click ‘DENY,’ then you have stopped that access request. To prevent further access requests from the same source, Choose DENY and then DISMISS in Microsoft Authenticator. In Duo, click DENY then click IT SEEMS FRAUDULENT. In most instances, this should stop further attempts from the same source to access your information via these 2-Step Verification apps.
You can always contact the help desk at (919) 962-HELP or online if you are using Text or Call Me and you have questions on these issues.