Scammers are after you, and they use “phish” to try to trick you. Don’t get hooked! A phish (pronounced “fish”) is a malicious email trying to steal your information. UAB IT has security protocols in place to protect us all of us, but you are an additional access point in which scammers will try to trick you into giving them access.

If you fall for one of these attacks, by clicking on a link and/or submitting your information, the scammer can not only potentially gain access to UAB’s network but also gain access to your personal information. They can attempt to take your paycheck, steal your identity, steal your latest research, infect your device with malware, etc.

Here are some tips to help you spot a fake and avoid major security damage

  1. Don’t trust the sender’s display name: Hover or rollover the email address and make sure that the email address matches the senders name (ie. Email looks to be from Ray Watts, upon hoover you see: This email address is being protected from spambots. You need JavaScript enabled to view it.)
  2. Don’t trust or click links: Hover links before clicking and make sure the true URL matches the site showed on the text.
  3. Check it for these red flags:
    1. Urgent or attention-grabbing subject lines or requests.
    2. Impersonal or generic greetings
    3. Bad spelling
    4. Money-related messages
    5. Unidentified attachments
    6. When in doubt, report it: This email address is being protected from spambots. You need JavaScript enabled to view it.