Don't approve if you didn't login!

Remember, Duo MFA is a second factor to prove who you are. If an attacker gets your username and password, they will still be required to use Duo. This means you would receive a Duo notification when you didn't try to login. Attackers try this in hopes you are not aware enough and just push approve. 

Don't approve if you didn't login!