A number of phishing scams have targeted UAB email inboxes in recent weeks, and scammers are faking UAB login pages such as the web email login page, UAB Security Challenge and Central Authentication System.

Two emails pretend to be notices about payroll and appear similar to the emails below: 

phishing payroll 3 100816

These emails are not related to the campus-wide simulated phishing campaign that UAB IT is launching this month as a tool to educate campus users about phishing attacks that attempt to steal personal or financial information. Please visit uab.edu/phishing to get up-to-date information about the latest phishing attempts and tools to help you protect your information. Campus users can also download the PhishMe Reporter tool for one-click access to report phishing attempts. Follow UAB IT on Twitter for alerts on phishing attacks.

If you receive an email with a link such as “Click Here,” do the hover test. Hover your mouse over the link and look at the lower left pane to see where the link leads. Even if the page looks familiar, verify the URL or type in a URL you know before entering your information.

Look at the URL of the website you are visiting. 

To report suspected spam to AskIT, please follow the instructions here or download the PhishMe Reporter button for one-click reporting.

Follow these additional tips to avoid being a phishing victim:

  • Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.
  • Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.
  • Verify the address. Malicious web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).
  • Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.
  • If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.
  • Don’t open attachments. They may contain viruses or malware that can infect your computer.
  • Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.
  • Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555. Hospital employees can call the HSIS Help Desk at 205-934-8888.
A new phishing attempt that directs users to a fake Blackboard Learn login page is circulating in campus inboxes.

The phishing email looks similar to the one below:

phishing 100816


The phishing page users are directed to looks like this:

phishing2100816

This email is not related to the campus-wide simulated phishing campaign that UAB IT is launching this month as a tool to educate campus users about phishing attacks that attempt to steal personal or financial information. Please visit uab.edu/phishing to get up-to-date information about the latest phishing attempts and tools to help you protect your information. Campus users can also download the PhishMe Reporter tool for one-click access to report phishing attempts. Follow UAB IT on Twitter for alerts on phishing attacks.

If you receive an email with a link such as “Click Here,” do the hover test. Hover your mouse over the link and look at the lower left pane to see where the link leads.

Look at the URL of the website you are visiting. 

To report suspected spam to AskIT, please follow the instructions here or download the PhishMe Reporter button for one-click reporting.

Follow these additional tips to avoid being a phishing victim:

  • Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.
  • Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.
  • Verify the address. Malicious web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).
  • Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.
  • If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.
  • Don’t open attachments. They may contain viruses or malware that can infect your computer.
  • Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.
  • Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555. Hospital employees can call the HSIS Help Desk at 205-934-8888.
A phishing email purporting to be from a notification about payroll has hit several email inboxes among faculty and staff at UAB.

The fake email is likely an attempt to steal user information and should be deleted. Users who click on the link are directed to a site that mimics a UAB login site but has a non-UAB URL. A copy of the email is below:

Phishing 091916


If you receive an email with a hidden link such as “Click Here,” do the hover test. Hover your mouse over the link and look at the lower left pane to see where the link leads.

Look at the URL of the website you are visiting. 

To report suspected spam to AskIT, please follow the instructions here.

Follow these additional tips to avoid being a phishing victim:

  • Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.
  • Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.
  • Verify the address. Malicious web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).
  • Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.
  • If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.
  • Don’t open attachments. They may contain viruses or malware that can infect your computer.
  • Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.
  • Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555. Hospital employees can call the HSIS Help Desk at 205-934-8888.
August 18, 2016

TechConnect services

TechConnect offers a variety of services, from virus removal to computer backup.

  SERVICEDESCRIPTIONCOST
Tools Hourly charge Hourly Labor $75
Lock Virus and spyware removal (no re-image of device) Virus and spyware removal without need for system re-imaging. $99
CellPhone Cell phone glass replacement Includes labor and glass / sensor replacement. Varies by model
Software Software installation Installation of new software $49.50
Computer Computer backup and reinstallation of OS Backup of system files and documents (as identified by the customer); re-imaging system from existing system partition; restoration of documents. Does not include reinstallation of third-party software previously installed by customer. $150
ComputerBackup Computer backup Backup of system files and documents (as identified by the customer), which will be provided to customer on customer-provided media. $60
Memory Memory installation Installation of additional memory on laptop or desktop system. $37.50
HardDrive Hard drive installation Installation of hard drive on laptop or desktop system. $56.25
TroubleShooting Software troubleshooting Troubleshooting issues with currently installed software $37.50
AskIT will have special holiday hours over the next two weeks.

All operations — including the walk-up help desk and phone support — will be closed Friday, Dec. 25, and Friday, Jan. 1.

Walk-up support at Sterne Library will be also closed Dec. 26 and 27.

Walk-up support will be available at Sterne Library from 8 a.m. to 5 p.m. Dec. 21-23 and Dec. 28-31 but will close early on Dec. 24 and on Dec. 31 at noon.

Phone support will remain available from 9 a.m. to 5 p.m. Saturdays and from 1 to 6 p.m. Sundays, as well as 7 a.m. to 6 p.m. Dec. 21-24 and Dec. 28-31.
UAB IT will be rolling out Internet Explorer 11 to its Desktop-supported customers beginning Wednesday. Microsoft will no longer be supporting earlier versions of IE beginning in January, making those earlier versions of the browser a security risk.

IE11 works for all of UAB’s enterprise systems except for IRAP, the Integrated Research Administration Portal. IRAP users can visit uab.edu/IRAP to see how best to access the system.
UAB IT has debuted a cloud storage service for campus faculty and staff. OneDrive

Each UAB faculty and staff member can now sign up for a Microsoft OneDrive account, which provides 1TB of cloud storage and allow file sharing. Individual file size limits are 2GB. Microsoft plans to add unlimited storage and increase file size limits to 10GB in early 2016.

Faculty and staff can also use the Microsoft Office programs including Word, Excel and PowerPoint in the cloud, as well as download those programs to their computers. The Office products are primarily made available for installation on the user’s personal/home system, and faculty/staff should consult with their department or school's IT support before installing any Office 365 products on their UAB system. Office products for installation on UAB systems should be downloaded from UAB IT’s software library.

Photos, videos, spreadsheets and other work documents can be stored in OneDrive accounts, and users can also create, edit and share Microsoft documents within their accounts. Users can access files on any device, including PCs, Macs, tablets and mobile phones.

UAB does not permit storage of sensitive data in the cloud. For guidance, refer to:

A critical security vulnerability has been identified in versions of Adobe Flash Player, and UAB users are urged to update it on their computer systems. flash player

Adobe has released an emergency update to address the issue. The vulnerabilities could allow a hacker to take control of a system.

Users can verify that they have the latest version of Flash Player by visiting the website: https://www.adobe.com/software/flash/about/.
AdminSysScreenshot
A new interactive Administrative Systems page, which many UAB staff and students use to access systems and applications across campus, is now live. 

UAB Web Communications and UAB IT collaborated to redesign the page so that users can custom configure the buttons that access various systems, from Banner to Oracle to Xtender. 

The default layout shows the systems in alphabetical order, but users can click the “Configure Layout” button to rearrange the buttons, add or remove them.

A user’s customized layout is retained in the web browser when he or she returns.

Active system alerts and other important messages will also be displayed on the page.

Redesigning the Administrative Systems page was an idea proposed on SPARK, UAB IT’s platform for crowdsourcing innovation. 

UAB IT recommends as a best practice that campus users access systems through the Administrative Systems page, rather than bookmarking systems, so that they can get up-to-date information and alerts as well as the correct links to those systems.
Published in Announcements
Page 1 of 18