UAB IT is investigating a new rash of phishing emails sent to campus mailboxes, many of them urging action on expired passwords or purporting to be notifications of passwords or authentication. The emails may include a malicious link to take action and enter credentials. In some cases, scammers are delivering malware via an HTML attachment or using legitimate links that redirect to a fake landing page.

Some of the phishing email subject lines have included:

• Action Required: Notification Access- Tuesday, March 21, 2023
• Mail Portal Services Inc uab.edu
• Action Required: Password Expiration Notice Wednesday, March 22, 2023.
• uab.edu Authentication Notification Tuesday, March 21, 2023
• Review Notification
• Password Notification Wednesday, March 22, 2023
• New invoice_uab.edu_Wednesday, March 22, 2023
• uab.edu Expired Password Notification Monday, March 20, 2023
• Action Required: Password Expiration Notice Tuesday, March 21, 2023.

If you receive a suspicious email, report it using the Report Phishing button in Outlook or forward it to This email address is being protected from spambots. You need JavaScript enabled to view it.. Reporting a phish helps UAB IT more quickly respond to remove similar malicious messages from inboxes across campus. If you believe you have entered your credentials on one of these fake sites, go to UAB.edu/blazerID to change your password. Contact AskIT if you have any issues.

Some tips on what to look for in suspicious emails:

• An urgent call to action or threats
• Misspelling and bad grammar
• Generic greetings
• Mismatched email domains
• Suspicious links or unexpected attachments