The emails will look like any other Plattsburgh State email, but they can lead students to give out their information to fake school officials offering jobs, internships or even free money. PSU’s plan to implement Duo is one solution to the presence of phishing scams in school emails, and now it’s been activated for student use.
PSU introduced Duo to students Jan. 27, the first day of the spring semester. TJ Myers, coordinator for computing systems & desktop support for the Library & Information Technology Services, expressed that students, just like faculty and staff, are a target for phishing scams.
“We did see an increased number of students’ accounts being compromised by phishing scams and also other social engineering tactics,” Myers said.
Since its student implementation, Duo’s number of users has increased. Myers said out of the 5,989 active students right now, 3,575 students have already enrolled since last Monday.
Sophomore Brenetta Isaacs, a Brooklyn native, had no idea these scams were happening.
“I feel like it’s a waste of time,” Isaacs said. “I understand it’s for safety measures, but after a certain period of time, it gets annoying because you’re only trying to do one thing on MyPlattsburgh, and you have to go through all this security.”
Though the first phase of Duo was implemented to faculty in the fall, some still haven’t adjusted. Mathematics professor Gregory Quenell is one of few people without a cell phone and said the two-factor authentication introduces an inconvenience.
“It’s affecting my teaching negatively,” Quenell said. “I think it’s unnecessary, and [LITS] could do better.”
Quenell feels that certain items like transcripts or financial accounts on PSU’s database need more protection rather than simple homework assignments on Moodle.
Myers shares three important points in order to use Duo more effectively. He urges students to use the Duo app when logging into their account, create the bypass codes that only they can remember and to check the “remember me for eight hours” box to be signed in for longer periods of time on a secure device.
“I know most students aren’t super happy with this, but I think they’re familiar with it,” Myers said. “If anyone has a banking account or anything like that, just about any account you have that has access to sensitive information now has two-factor turned on.”