When you get what looks like a phishing scam email, you have a quick and easy tool to report it to UAB IT.

PhishMe Reporter allows you to make one click to send the email scam to UAB IT's information technology department to investigate — it's a little bit like sending up a signal flare to report phishing attacks.

Anyone using Microsoft Outlook for campus email should install PhishMe Reporter and use it for reporting phishing emails. Campus faculty and staff who are servced by UAB IT's Desktop Services should already have PhishMe Reporter installed on Outlook.

If you have questions, please contact AskIT at 205-996-5555 or your department's IT personnel. 

For information about phishing — and how to avoid getting caught by a phishing email — visit uab.edu/phishing.
Anatomy of a Phish 04Click the image for a larger view

It was an easy phish to fall for: An email that looked like it came from UAB President Ray Watts, with an “important announcement.”

But while it looked innocent, the email that went to students, faculty and staff across campus came from a malicious attacker trying to gain access to UAB systems — and your personal and financial information.

So how do you spot a phish? Take time to look for the signs. Even an email that seems “official” can have the telltale hallmarks of a phish.

The “Ray Watts” email, for example, didn’t actually come from Dr. Watts’ email, or any UAB address.

If you hover your mouse over the sender’s address, you see an outside email — a clear sign that it could be a malicious attacker.

Mismatched fonts, bad grammar, unsolicited attachments and links are other signs that a seemingly harmless email is actually out to steal your information.

Never click on links or open attachments in unexpected emails. Only enter your credentials — your BlazerID and password — at trusted web sites.

Being vigilant against phishing protects you — and all of UAB.

Visit uab.edu/phishing to learn more about how to avoid phishing attacks and get the latest alerts.

Also, install PhishMe Reporter on Outlook so you have one-click access to report phishing emails to UAB IT's information security division.
1GB to Desktops UABIT

Your desktop computer’s connection to the UAB network is now 10 times faster after upgrades last month by UAB IT.

Campus desktops now have a 1-gigabit connection, upgraded from a 100 megabit connection which allows faculty and staff to take greater advantage of the 100 gigabits per second internet connection UAB IT debuted last fall.

Upgrading the network infrastructure was made possible by an investment from the University administration and UAB IT, said Shawn Ellis, associate vice president and chief technology officer.

“This is a more standard internet connection,” Ellis said, “giving faculty and staff network access that is 10 times faster than they previously had.”

The 1 gigabit connections to desktops are part of a larger investment in upgrading the campus network infrastructure, which has included implementing the 100 gigabit internet connection for campus; expanding WiFi access points across campus; and partnering with content delivery network Akamai to increase internet capacity and reduce access times for content.

“The result is that faculty, staff, researchers and students can do their work more efficiently and effectively”, said Dr. Curtis A. Carver Jr., vice president and chief information officer.

“Our aim is simply to make your technology life faster and easier so that you can help change the world,” Carver said.
Phishing emails that purport to be a "payroll notification" are actually an attempt to steal your password or personal information. Delete the emails; do NOT open the attachments or enter your BlazerID or password on any links enclosed.

The emails looks similar to the images below:

Phish 012117phish payrollnotification 012317

This email is not related to the campus-wide simulated phishing campaign that UAB IT is using as a tool to educate campus users about phishing attacks that attempt to steal personal or financial information. Please visit uab.edu/phishing to get up-to-date information about the latest phishing attempts and tools to help you protect your information. Campus users can also download the PhishMe Reporter tool for one-click access to report phishing attempts. Follow UAB IT on Twitter for alerts on phishing attacks.

If you receive an email with a link such as “Click Here,” do the hover test. Hover your mouse over the link and look at the lower left pane to see where the link leads. Even if the page looks familiar, verify the URL or type in a URL you know before entering your information.

Look at the URL of the website you are visiting. 

To report suspected spam to AskIT, please follow the instructions here or download the PhishMe Reporter button for one-click reporting.

Follow these additional tips to avoid being a phishing victim:

  • Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.
  • Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.
  • Verify the address. Malicious web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).
  • Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.
  • If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.
  • Don’t open attachments. They may contain viruses or malware that can infect your computer.
  • Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.
  • Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555. Hospital employees can call the HSIS Help Desk at 205-934-8888.
Page 14 of 33