UAB IT Information Security reports that there has been a recent sharp rise in the occurrence of a scam commonly known as a “support desk scam” on campus. In effort to help prevent you from being victimized, UAB Information Security has provided a description of the scam and some tips you can use to protect yourselves. 

About the scam:
Support Desk Scams are perpetrated  through a phone call.  Typically, the scammer will have a thick foreign accent and claim to be from some company’s (e.g. Microsoft, Apple) Support Services in the Technical Department.  The scammer will tell you something along the lines of “Your computer is seriously infected and has been causing a lot of trouble on the internet” or that “Your machine is at serious risk for infection”. Some scammers even offer you the opportunity to verify their ID by typing a specific command into your computer but this is not a legitimate method of verification. Once the scam caller feels they have your trust, they will ask you to take one of the following actions:

  1. visit a website that will allow them complete access to your machine
  2. download something they claim will help but is actually a virus
  3. purchase an item that will protect your machine but will do more harm than good and require you provide them will personal information. 

What you should look for and know:

  • Microsoft will never call you and say you’re machine is at risk/compromised or that you have been causing problems on the internet.
  • Always ask for a call back number and say you’ll call them back. Google the phone number they give you.  It is likely someone else has posted complaints about scammer online.
  • Never purchase and/or download something blindly from the internet based on the suggestion of an untrusted source.
  • Never give anyone access to your machine that you do not know and explicitly trust.

Remember, it is very simple to avoid being a victim by using caution.  If you ever have legitimacy concerns about a phone call or an email, contact UAB AskIT @ This email address is being protected from spambots. You need JavaScript enabled to view it. or 205-996-5555. 


Connecting an Android device to uabwifi-nac

The UAB wifi network supports Android devices running OS versions 2.1 or higher. Before attempting to connect to the UAB network, please ensure the device is up to date by performing any software updates. You should then follow the steps below to connect your Android wireless device to uabwifi-nac.

Note: You must be on campus and within range of the UAB wireless network to perform these steps.

1. On the home screen, access your Apps and click Settings.

2. Press Wi-Fi.

3. Make sure Wireless Networking is turned on.

4. From the list of wireless networks, press uabwifi-nac.

5. You are presented with a number of options. Select the following:
  • For EAP method, select PEAP.
  • For Phase 2 authentication, select MSCHAPV2.
  • For CA certificate, select (unspecified).
  • For User certificate, select (unspecified).
  • For Identity, enter your Blazer ID.
  • For Anonymous Identity, leave this box empty.
  • For Password, enter your password.

6. Press Connect.

If you are unable to see the Connect button, press the keyboard icon located in the lower-right corner of your screen. This will hide the keyboard so you can see the Connect button.


Published in FAQ - Infrastructure

Qualtrics Research Suite (Surveys) 

UAB has an agreement in place with Qualtrics that provides a survey tool to the UAB campus community at a discounted price to what is available to individual users and schools direclty from Qualtrics.  School-level subscriptions include faculty, staff, and students. All other subscription levels include only employees (faculty/staff).  The licensing is for campus only and does not include the UAB Hospital.  If your school or department previously had a subscription directly with Qualtrics, those subscriptions are now included under the discounted campus agreement. Contact AskIT for information on migrating your surveys to the new subscription.

For more information about the Qualtrics subscriptions available under UAB's Agreement click here. 

June 14, 2013

BlazerID Central

BlazerID Central

UAB Organizational Learning and Development

May 9, 2013

Purpose

Computer systems running vendor-unsupported or end-of-life operating systems are potential security threats to the UAB campus network. Vendors do not provide security patches for unsupported systems, and these unpatched systems can be exploited by attackers. Such exploitations can result in disrupted experiments, corrupted research data and/or completely compromised systems.  UABIT reserves the right to disconnect these computers from the campus network to mitigate this data breach risk (see UAB’s Acceptable Use of Computer and Network Resources policy).  UAB system administrators are responsible for maintaining the security of all information systems, per the campus Data Protection and Security Policy, which includes updating applications and operating systems.

Windows XP will not be supported after April 2014. Windows versions prior to Windows XP and any version of Mac OS X prior to version 10.6 should be considered unsupported.


Scope

The information in this guidance statement applies to all constituents internal to UAB.

Guidance

We recommend that systems running legacy, unsupported operating systems should not be used. They should be disconnected from the network because of the significant security risk to the university’s network and environment. If the device is critical and cannot be turned off or disconnected, the device should be physically isolated from the university network. If disconnection and/or isolation are not possible, then an exemption and risk acceptance form will need to be completed, signed by the appropriate dean or vice president, and filed with Enterprise Information Security.

Unsupported legacy operating systems:

Windows Family

Windows 95/98/ME

Windows 2000

Windows 2003

Windows XP after April 8, 2014

Mac OS X Family

Mac OS 9.x

OS X 10.5 (Leopard)

OS X 10.4 (Tiger)

OS X 10.3 (Panther)

OS X 10.2 (Jaguar)

Linux Distributions

Ubuntu 11.10 after May 9, 2013

Ubuntu 11.04 and Prior

Ubuntu 10.04.4 LTS

Debian 5.0 (lenny)

Debian 4.0 (etch)

Debian 3.1 (sarge)

Debian 3.0 (woody)

Other Unix OS

AIX prior to 6.1

Solaris prior to 9 (SunOS 5.9)

Questions can be directed to This email address is being protected from spambots. You need JavaScript enabled to view it. or, by calling (205) 975-0842.


References

http://sppublic.ad.uab.edu/policies/pages/LibraryDetail.aspx?pID=38

http://support.microsoft.com/gp/lifeselect

http://www.debian.org/releases/

https://wiki.ubuntu.com/Releases

http://www-01.ibm.com/software/support/aix/lifecycle/index.html

http://www.sun.com/service/eosl/eosl_solaris.html

http://www.computerworld.com/s/article/9229784/Mac_users_left_wondering_if_OS_X_Snow_Leopard_s_retired




February 18, 2013

Dell Home-Use Purchases

Dell Products for UAB Students & Faculty/Staff Home Use

Through UAB's relationship with Dell, many products are available to students (and parents on behalf of students) and faculty/staff for purchase for home use.  Check this page often as Dell regularly provides notices of sales and discounted items and they will be posted here.  Remember, these are Dell's prices and are not negotiated by UAB, but simply discounted offerings that Dell is making available to the education community. You will need the UAB Member ID provided below. 

URL: www.dell.com/dellu/uab

Member ID: US116018898

Phone Dell's sales team: 800-695-8133

Click on the ad to enlarge.

University of Alabama at BirminghamApril Promo

 

 

UAB Information Security recently discovered a new spam campaign where users are tricked into opening an email attachment that contains a virus aimed at stealing passwords and financial information.  As with any suspicious email messages you may receive, please report them to This email address is being protected from spambots. You need JavaScript enabled to view it. for inspection.

The recent spam email messages are crafted to look like they came from one of several legitimate companies such as Chase Bank, the Better Business Bureau (BBB), Department of Treasury, Dun & Bradstreet Financial Services or a wire transfer company. You should be aware that these emails are forged and that none of the information included in the email can be trusted including embedded links, e-mail addresses or phone numbers.

Here are some of the common email subject lines we have seen in this spam campaign:

•  FW: Company 2013 Report

•  Incoming Wire Transfer Notification

•  D&B iUpdate: Company Order Requested

•  Department of Treasury Notice of Outstanding Obligation – Case ######

•  Better Business Bureau Complaint Case #######

•  Merchant Billing Statement

•  ACTION REQUIRED: A document has arrived for your review/approval (Document Flow Manager)