Security Alert

OIT and CIT Advise Blackboard Users to Uninstall One Class Chrome Plugin

The Office of Information Technology and the Center for Instructional Technology advise Blackboard users to remove the OneClass Chrome browser plugin if it is installed on your system. The plugin has been noted as a security concern, and can potentially email phishing attempts to all students in a class from the OneClass account. The plugin has also been infected with code that attempts to collect and steal login credentials, including usernames and passwords. If you are using the plugin, we do recommend that you reset your Blackboard/myBama password after removing the plugin.

If you have any questions, or think that you might be a victim of a phishing attempt, please contact the IT Service Desk at 205-348-5555.

Dec. 5 Phishing Attempt

Monday, Dec. 5, 2016 many UA employees received emails with the subject title ”URGENT: Your mailbox is almost full.”

This email is an attempt to steal usernames and passwords. Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive the email, and you did click on the link in the email to provide your username, password or other sensitive data, please promptly change your myBama password. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

Phishing-Attempt-20161205

Nov. 23 Phishing Attempt

Wednesday, Nov. 23, 2016 many UA employees received emails with the subject title ”UA – VDT/VDI Security Update.”

This email is an attempt to steal usernames, passwords and other sensitive data. Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive the email, and you did click on the link in the email to provide your username, password or other sensitive data, please promptly change your myBama password. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu. Below is a screenshot of the email.

 

Nov. 15 Phishing Attempt

Tuesday, Nov. 15, 2016 many UA employees received emails with the subject title ”Important Payment.” This message also contains a malicious attachment “Pay Notification.pdf.”

This email is an attempt to steal usernames and passwords and to possibly infect your system with malicious code. Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive the email, and you did open the attachment or click on the link in the email to provide your username, password or other sensitive data, please promptly change your myBama password. Please contact the IT Service Desk with questions and concerns 205-348-5555.

Below is a screenshot of the message.

Unknown

Nov. 12 Phishing Attempt

Saturday, Nov. 12, 2016 many UA employees received an email with the subject title “Important Message.” The message content included false alerts that employees’ “mailboxes are almost full.”

This email is an attempt to steal personal information as well as webmail usernames and passwords. Please remember that The University of Alabama does not send out these types of messages. At this time, OIT does not place limits or quotas on ua.edu mailboxes. If you haven’t already, please delete the email.

If you did receive the email, and you did click on the link in the email to provide your username, password or other sensitive data, please please promptly change your myBama password. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the phishing attempt.

Screen Shot 2016-11-14 at 8.25.11 AM

Phishing Attempt Titled “Tutor”

Tuesday, Oct. 11, 2016 students may have received an email with the subject “Tutor.” This email is an attempt to steal personal student information, potentially usernames and passwords. Please remember that The University of Alabama does not send out these types. If you haven’t already, please delete the email.

If you did provide any information in return to this email, please contact our IT Service Desk at 205-348-5555. Additionally, please promptly change your myBama password.

Phishing Attack Titled “Message from Human Resources”

Monday, Oct. 10, 2016 many UA employees received emails with the subject title “Message from University of Alabama – Payroll Department” OR “Message from Human Resources Service Center ” 

These emails are attempts to steal personal information as well as usernames and passwords. Please remember that The University of Alabama does not send out these types of messages, nor do we ask for social security numbers or dates of birth in this manner. If you haven’t already, please delete the email.

If you did receive the email, and you did click on the link in the email to provide your social security number or other sensitive data, please actively monitor your credit. Additionally, please promptly change your myBama password. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

 

20161010-Phishing

UA Email Phishing Attempt Titled “UA Email Upgrade”

Earlier today, students, faculty and staff may have received an email titled “UA Email Upgrade.”

This email is an attempt to steal myBama usernames and passwords to possibly infect your system with malicious code. Keep in mind that The University of Alabama does not send out these types of messages. If you have not already, please delete the email. If you did click the link in the email to provide your myBama username and password, please login to your myBama account and change your password.

If you have any questions, please contact the OIT Service Desk at 348-5555.

Extortion Email Schemes

The FBI has released a public service announcement regarding extortion attempts via email. From the PSA:

The recipients are told that personal information, such as their name, phone number, address, credit card information, and other personal details, will be released to the recipient’s social media contacts, family, and friends if a ransom is not paid. The recipient is instructed to pay in Bitcoin, a virtual currency that provides a high degree of anonymity to the transactions. The recipients are typically given a short deadline.

With the current exchange rate, 2 to 5 bitcoins is approximately $1,100 to $2,900.

These emails are not much different than ordinary phishing attempts. It’s unlikely that the person on the other end actually has any information. The FBI has provided a few tips to protect yourself from these scams.

  • Do not open e-mail or attachments from unknown individuals.
  • Do not communicate with the subject.
  • Do not store sensitive or embarrassing photos of yourself online or on yourmobile devices.
  • Use strong passwords and do not use the same password for multiplewebsites.
  • Ensure security settings for social media accounts are turned on and set atthe highest level of protection.
  • When providing personally identifiable information, credit cardinformation, or other sensitive information to a website, ensure the transmission is secure by verifying the URL prefix includes https, or the status bar displays a “lock” icon.

If you receive one of these emails, please let us know at security@ua.edu.

Phishing Email: “IT DESK”

Some users may have received an email with the subject “IT DESK” yesterday evening. As always, be on the lookout for any email that may be attempting to steal your information.

Unknown
Click for a larger version.