“Your paycheck has been compromised.” That’s the kind of subject line you’ll see in a phishing email that’s trying to trick you into revealing personal information — like your BlazerID and password.

But if you fall for it, your paycheck — and all of your other personal information — truly could be compromised.

UAB has been under attack from scam artists and phishing e-mails. Dozens of individuals have fallen victim to the attacks and have had their e-mail accounts compromised and used for malicious purposes.

Users whose accounts are compromised will have their passwords revoked. The recommended method to reset them is through BlazerID self-service, particularly during the holidays when AskIT will have limited hours. AskIT will be closed on Thursday, Nov. 27, and Friday, Nov. 28, and will reopen at 9 a.m. Saturday.

Scam e-mails typically increase around the holidays, so take steps now to be able to recover your password by registering for BlazerID self-service.

Be extremely cautious about any e-mail message that claims to be from UAB, and NEVER provide your password in response to an e-mail communication.

Follow these additional tips to avoid being a victim:

• Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.

• Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.

• Verify the address. Malicious Web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).

• Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.

• If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.

• Don’t open attachments. They may contain viruses or malware that can infect your computer.

• Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.

• Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555.  Hospital employees can call the HSIS Help Desk at 205-934-8888.



The jolly old elf himself will help collect toys for UAB’s annual Toy Drive during a “Drive-Through Santa” event on Friday, Dec. 5.

drivethrough santaThe UAB Toy Drive is ongoing now, with boxes distributed in 30 locations throughout campus to collect new, unwrapped toys. The UAB Toy Drive will end on Dec. 5.

Anyone with last-minute gifts will be able to drop them off at the entrance to the Administration Building, located at 701 20th St. South. Santa Claus and his helpers will be there between 7:30 a.m. and 1 p.m. on Dec. 5 to receive the gifts. 

“This is the first time that the UAB Toy Drive has featured a ‘Drive-Through Santa,’” said Eric Thompson, chairman of this year’s committee. “We’re doing everything we can to make it convenient for UAB faculty, staff and students to support the UAB Toy Drive.”

This is the 21st year that UAB has participated in Toys for Tots, which provides Christmas gifts for children in need throughout the greater Birmingham area.
AskIT will have special hours during the Thanksgiving holiday week.

AskIT will be open from 7 a.m. to 7 p.m. Monday, Nov. 24, and Tuesday, Nov. 25. AskIT will be open from 7 a.m. to 5 p.m. Wednesday. The help desk will be CLOSED Thursday and Friday for the Thanksgiving holidays.

Regular hours will resume Saturday, Nov. 29.
Social media has changed the way we interact with each other, but while they have made some things easier for us, they have also made it easier for us to be a target for security risks.

The November issue of the IT Risk Bulletin, a joint publication of UAB, the University of Alabama, UAB Health System and the University of Alabama-Huntsville, offers some practical tips for staying safe online.

Among them:

• Keep private information private. Do NOT post your Social Security number, banking PIN or other personal information.

• Use the social network’s privacy and security settings to control what you post.

• Only approve friend requests from people you know.

For more tips and to access previous IT Risk Bulletins, click here.

Page 1 of 5