Security Alert

May 2, 2017 – Phishing Attempt

Wednesday, May 2, 2017, many UA employees received a phishing email with the subject title “Tatum (Lexi) Mcculley has shared a document on Google Docs with you”.

This email is a phishing attempt that asks you to click on a link to Google Docs.  When users click on the file, the fake Google Docs will seek permission to access your account. Users who click on the link and follow through with the process should go to Google’s account permissions to deny access.

If you haven’t already, please delete the email.

If you did receive this email, and you did click on the attachment, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

April 22 Phishing Attempt

Saturday, April 22, 2017, several UA employees received a phishing email with the subject title “Urgent: Webmail Quota”.

This email is a phishing attempt designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Student Phishing Attempt April 21

Friday, April 21, 2017, many UA students received a phishing email from a compromised crimson email account. 

This email is a phishing attempt designed to steal usernames, passwords, credit card information and to possibly infect your system with malicious code. Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the ITService Desk with questions and concerns 205-348-5555or itsd@ua.edu.

April 19 Phishing Attempt

Wednesday, April 19, 2017, many UA employees received a phishing email with the subject title “Unusual Login Attempt.”

This email is a phishing attempt designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

April 10 Phishing Attempt

Monday, April 10, 2017, many UA employees received a phishing email with the subject title “The University of Alabama New Upgrading”

This email is a phishing attempt designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

April 1 Phishing Attempt

Not an April Fool’s joke. Saturday, April 1, 2017, many UA employees received phishing emails with the subject titles “Dear UA User” and “Ua.edu New Upgrading”

These emails are phishing attempts designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the emails.

If you did receive one or both of these emails, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below are screenshots of the emails.

 

 

 

March 31 Phishing Attempt

Friday, March 31, 2017, many UA employees received a phishing email with the subject title “Upgrade Your University of Alabama. Account”

This email is a phishing attempt designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

March 29 Phishing Attempt

Wednesday, March 29, 2017, many UA employees received a phishing email with the subject title “Outlook Web.”

This email is a phishing attempt designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

March 24 Phishing Attempts

Friday, March 24, 2017, many UA employees received phishing emails with the subject title “RE: Admin Service Notification (Alert)” or “Upgrade Your Account”

These emails are phishing attempts designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive one or both of these emails, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

 

 

DUO Change – Remember Me for 30 Days

This Friday, The Office of Information Technology we will be implementing a change to DUO. We will be extending the “Remember me for 24 hour” feature to “Remember me for 30 days.” After this change is made, DUO users will only need to go through the DUO two-factor authentication step once a month.

We value the feedback that we have received from current DUO users to help us make DUO an easy-to-use program for students, faculty and staff at The University of Alabama.

No change is required for the user, the user will simply receive the new “Remember Me” option Friday upon logging into myBama. The “Remember Me” option is indeed optional, and users can continue to go through the two-factor authentication steps upon each login if preferred.

Just like the current “Remember Me” feature, the new feature will only remember you on that particular browser, on that particular device. Meaning, if you need to access your DUO settings, you may do so by using a different web browser or different device.

Please review answers to our frequently asked questions, and contact our IT Service Desk with additional questions at 205-348-5555.