A new phishing email attempt is circulating among UAB students, faculty and staff. The email claims that your BlazerID is about to expire.

The email looks similar to the one below. Some emails may even come from valid but compromised UAB email accounts.

BlazerID AbouttoExpire
If you receive a similar email, please report it using the "PhishMe Reporter" button on your Outlook, or forward to phishing@uab.edu

To avoid phishing scams, pay close attention to the sender and any links in the email. If they look unusual, ignore them. You can always log in to a known web site — such as the BlazerID web site — instead of clicking on the link.

The video below gives more tips on how to catch a phish.

To ensure UAB's mobile app can continue to deliver easy access to campus systems, the app will undergo maintenance resulting in a brief outage from 9 to 11 a.m. Saturday, Aug. 5.

The UAB mobile app offers a seamless mobile integration with Canvas, BlazerNET, the campus map, directory and other necessary campus systems. Download it today to stay connected.


Improvements to the Box.com web interface will make it easier for UAB employees to search for and share documents when using UAB Box. 

If you are using UAB Box, you can switch to the new interface now to try it out. Box will automatically switch the interface for all users on Sept. 8, 2017. 

Changes include better search capabilities using metadata, simplified sharing options and improved tile view. Notifications will also be renamed “messages” and will be accessible from the new left sidebar. 

UAB Box is a free cloud storage and collaboration tool available to campus faculty and staff. Storage capacity is unlimited, and files up to 15GB can be uploaded.  

Documentation about the changes has been placed on UAB Box in the “Welcome to UAB Box” folder. In that folder is a “New Box Experience” folder containing an inventory of changes and a short video explaining some of the differences between the new interface and the original one. Additional information can be found here [link to KB article].  

To try out the new interface, click here. You can revert to the original interface by clicking the question mark icon near your name in the upper right corner of the Box web page and clicking the link next to “Need to switch back to the old Box Experience?” 

UAB IT recommends you switch to the new interface as early as possible to become familiar with it. 

On Sept. 8, 2017, Box.com will enforce the use of this new interface for all users. 


A number of UAB students and employees have received scam emails tempting them with potential job offers.

The emails, with the subject line “job/internship vacancy,” come from multiple senders who are impersonating legitimate companies or brands.

The text of the message is similar to the following:

“Your resume was forwarded to me from your school career centre in response to an employment/job vacancy. Kindly get back to me at your earliest convenience if you are still looking for an opportunity to pursue.”

These email scams are likely intended to try to steal personal information or may even try to get the recipients involved, unintentionally, in illegal activity.

Students and employees should be wary of any unsolicited emails gauging your interest in a job — especially if you did not apply to the company.

Hover over the email address to check that the sender name matches the email address. Find other tips for detecting phishing emails in the video above.

If you receive a similar email, you should report it to UAB IT’s information security team by clicking the “PhishMe Reporter” button in Outlook, or by forwarding it to phishing@uab.edu.

According to the FBI, such employment email scams commonly target college students.


  • Scammers post online job advertisements soliciting college students for administrative positions.
  • The student employee receives counterfeit checks in the mail or via e-mail and is instructed to deposit the checks into their personal checking account.
  • The scammer then directs the student to withdraw the funds from their checking account and send a portion, via wire transfer, to another individual. Often, the transfer of funds is to a “vendor,” purportedly for equipment, materials, or software necessary for the job.
  • Subsequently, the checks are confirmed to be fraudulent by the bank.


  • "You will need some materials/software and also a time tracker to commence your training and orientation and also you need the software to get started with work. The funds for the software will be provided for you by the company via check. Make sure you use them as instructed for the software and I will refer you to the vendor you are to purchase them from, okay."
  • "I have forwarded your start-up progress report to the HR Dept. and they will be facilitating your start-up funds with which you will be getting your working equipment from vendors and getting started with training."
  • "Enclosed is your first check. Please cash the check, take $300 out as your pay, and send the rest to the vendor for supplies."


  • The student's bank account may be closed due to fraudulent activity and a report could be filed by the bank with a credit bureau or law enforcement agency.
  • The student is responsible for reimbursing the bank the amount of the counterfeit checks.
  • The scamming incident could adversely affect the student’s credit record.
  • The scammers often obtain personal information from the student while posing as their employer, leaving them vulnerable to identity theft.
  • Scammers seeking to acquire funds through fraudulent methods could potentially utilize the money to fund illicit criminal or terrorist activity.


  • Never accept a job that requires depositing checks into your account or wiring portions to other individuals or accounts.
  • Many of the scammers who send these messages are not native English speakers. Look for poor use of the English language in e-mails such as incorrect grammar, capitalization, and tenses.
  • Forward suspicious e-mails to the college’s IT personnel and report to the FBI. Tell your friends to be on the lookout for the scam.
  • If you have been a victim of this scam or any other Internet-related scam, you may file a complaint with the FBI’s Internet Crime Complaint Center at www.IC3.gov and notify your campus police.
Sending PII
Sending Social Security numbers or medical record numbers via email can make you or others more vulnerable to identity theft.

UAB IT will soon implement policy tip warnings via email if it appears you are trying to send a Social Security number or medical record number via your UAB email account.

These warnings are intended to alert you to potential danger and help you protect your data and the information of others.

The popup policy tip will say: "The content of this email appears to conflict with UAB Policy regarding unsecured transmission of Social Security numbers, medical record numbers or other personally identifiable information. Be safe and review the email content before sending."

With the introduction of the policy tip, emails will not yet be blocked from being sent. But emails that appear to include Social Security or medical record number information will eventually be blocked — both in incoming and outgoing emails.

A policy tip has already been established to prevent UAB email users from sending credit card numbers.

“Sending credit card information, Social Security numbers, dates of birth and other personal or financial information is extremely dangerous and could leave you or others vulnerable to identity theft,” said Brian Rivers, assistant vice president and chief information security officer. “Our goal with these policy tips is to help protect our students, faculty and staff.”
UAB IT has completed the migration of all faculty and staff email accounts to Office 365.

The change allows UAB faculty and staff to take advantage of the same email system used by students. Office 365 is a cloud-based system that offers new tools and continues upgrades to improve the service and environment.

The new link to online mail is mail.uab.edu. That email link will be changed on the UAB Quicklinks, which appears on all UAB web sites, on Wedesday, July 12.

Learn more about Office 365 here.
Splunk UAB Innovation Depot 08

Technology leaders from the Birmingham area met at Innovation Depot June 29 with officials from Splunk to explore ways to coauthor future educational programs.

Splunk is the leading platform for real-time operational intelligence. Their technology is a standard for security professionals, and having people trainined in Splunk is exponentially beneficial.

Innovate Birmingham, which graduated its first class of new technology professionals last spring, could be a new site for Splunk training. Innovate Birmingham, led by UAB and a network of 15 partners from the education and tech sectors, is funded by a $6 million America’s Promise grant and is designed to establish a pipeline of local talent to fuel innovation for local employers. Students can receive grants and scholarships to attend the educational training program, which is broken up into individual cohorts, each focused on a different area of technology.

Corey Marshall, director of Splunk4Good, said he was impressed by the partnership already in place in Birmingham.

“I know you guys say you have something special here, but I don’t think you realize how special this really is,” he said.

Marshall said he was impressed with the structure, space and support that Innovation Depot, along with its partners, provides to the Birmingham community, and said he could see the program being used as a model for other cities.

Splunk could provide valuable content and insight that is founded on their technological expertise. This potential partnership with Splunk would bring more opportunities to the students in the Innovation Depot training programs as companies have already expressed their interest in hiring the graduates trained by Splunk.

Other opportunities for Splunk could include corporate training for Birmingham businesses as many companies currently have to send their trainees out-of-state or online to receive training.

Innovate Birmingham’s first graduating cohort, focused on computer support, had an employment rate of 75 percent at graduation and 100 percent within one month of graduation. The latest cohort started in June 2017 and is focused on developer training in corporate partnership with Covalence. The goal of these programs is not merely focused on yield but rather community and economic impact for the long term.

“The students applying for this program are not doing so because their mom sent them. They are doing this because they have the drive and desire to improve their life and the life of their families,” UAB Vice President and CIO Dr. Curtis A. Carver Jr. said.

UAB IT hired two graduates from Innovate Birmingham’s first cohort, both of whom are working in AskIT.
A new ransomware cyberattack called “Petya” is spreading globally and infecting computers, allowing malicious attackers to demand ransom payments to restore data.

The attack is similar to the WannaCry ransomware attack that spread a few weeks ago. Experts believe the initial infection comes from an email attachment, possibly a Microsoft Word attachment.

Some tips to avoid falling for Petya (also called Petwrap):

  • Patch your Windows-based computers and update your Microsoft Office suite. Contact AskIT if you have any questions.
  • Be extremely vigilant when opening email from anyone with whom you are not familiar.
  • If you receive email from an unknown sender, be cautious about replying, opening an attachments or clicking on links or graphics in the email.
  • If you believe you have received a suspicious email, click the “PhishMe Reporter” button in your Outlook or forward the email to phishing@uab.edu.
  • Be cautious about attachments you were not expecting. Even if you receive an email from someone you know, that person’s email may have been infected with ransomware. Contact the sender by phone to make sure the attachment is legitimate.
  • Be wary of emails with incorrect grammar or spelling, or messages in which the signature does not match the sender’s name.
  • Do not click links in messages that ask you to log in. Type a trusted web address in your browser, or Google for the web site if you don’t know the address.
For the past year, UAB IT’s Alexandra Fedorova has been spending several days a week helping to teach a new generation of potential IT employees through the TEALS program, which places tech experts in high school classrooms to give students basic computer science skills. 

“The students are all eager,” Fedorova says. “They want to learn, but most local school just don’t have the resources or experience to teach them.”

TEALS, a national program funded by Microsoft, is in its second year in Birmingham and has partnerships with nine schools, said Tracey Wilson, regional coordinator for the organization. 

TEALS provides volunteer instructors with lesson plans and assignments. Volunteers should expect to spend about an hour to two hours in the classroom twice a week, with some extra time for grading assignments or making modifications to lesson plans. The goal is not only to reach students but to teach high school teachers how to instruct students in computer science skills.

Anyone interested in volunteering for TEALS can visit the web site at tealsk12.org.
Scammers looking to steal electronics are using a new scheme targeting university stores across the country, FBI officials said.

Law enforcement agencies are warning higher education institutions about potential credit card scams involving electronic purchases.

The FBI said the scams, which began this spring, target campus bookstores and students with valid campus identification. Scammers use students to help purchase high-end electronics, particularly Apple products, using students’ valid campus IDs and a stolen or cloned credit card.

Here’s how the scam works:

  • Perpetrators coerce unwitting students into helping them purchase electronics by claiming to be current students who have lost their student IDs.
  • The unwitting students are shown a cloned credit card and identification matching the name on the cloned credit card.
  • Perpetrators accompany students to the campus store cash register and swipes the cloned credit card, while the legitimate student shows the clerk valid campus ID.
FBI officials said that in some cases, perpetrators swiped several declined cards before one was accepted.

To protect yourself from the scam, law enforcement officials recommend you:

  • Do not facilitate a purchase from someone who does not provide valid student ID — especially someone you don’t know.
  • Establish procedures at campus stores that include provisions against allowing someone to use a credit card in someone else’s name.
If you have been a victim of the scam, contact UAB Police.