The fake email is likely an attempt to steal user information and should be deleted. Users who click on the link are directed to a site that mimics a UAB login site but has a non-UAB URL. A copy of the email is below:
If you receive an email with a hidden link such as “Click Here,” do the hover test. Hover your mouse over the link and look at the lower left pane to see where the link leads.
Look at the URL of the website you are visiting.
To report suspected spam to AskIT, please follow the instructions here.
Follow these additional tips to avoid being a phishing victim:
- Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.
- Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.
- Verify the address. Malicious web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).
- Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.
- If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.
- Don’t open attachments. They may contain viruses or malware that can infect your computer.
- Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.
- Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555. Hospital employees can call the HSIS Help Desk at 205-934-8888.