March 24 Phishing Attempts

Friday, March 24, 2017, many UA employees received phishing emails with the subject title “RE: Admin Service Notification (Alert)” or “Upgrade Your Account”

These emails are phishing attempts designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive one or both of these emails, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

 

 

DUO Change – Remember Me for 30 Days

This Friday, The Office of Information Technology we will be implementing a change to DUO. We will be extending the “Remember me for 24 hour” feature to “Remember me for 30 days.” After this change is made, DUO users will only need to go through the DUO two-factor authentication step once a month.

We value the feedback that we have received from current DUO users to help us make DUO an easy-to-use program for students, faculty and staff at The University of Alabama.

No change is required for the user, the user will simply receive the new “Remember Me” option Friday upon logging into myBama. The “Remember Me” option is indeed optional, and users can continue to go through the two-factor authentication steps upon each login if preferred.

Just like the current “Remember Me” feature, the new feature will only remember you on that particular browser, on that particular device. Meaning, if you need to access your DUO settings, you may do so by using a different web browser or different device.

Please review answers to our frequently asked questions, and contact our IT Service Desk with additional questions at 205-348-5555.

Spring Break Phishing Attempts

Over spring break, many UA employees received phishing emails with the subject title “Alert” or “Upgrade Your University of Alabama Login Page.”

These emails are phishing attempts designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive one or both of these emails, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below are screenshots of the emails.

 

 

 

Latest Version of Firefox Not Supportive of INB

The latest version of Firefox (version 52) disables Java plugins, which correspondingly means that INB will no longer be functional with version 52 of Firefox. Many users have set internet browsers, like Firefox, to auto-update, which is causing users to not be able to access INB.

If you have updated to latest version of Firefox, and you need to access INB through Firefox, you can install the Extended Support Release version. You can also use Internet Explorer version 11 to access INB. If you have any questions, please contact your technical support or the IT Service Desk at 348-5555.

OIT Encourages Students to Be Mindful of Phishing Scams

As we approach the end of spring semester, many students are currently applying for internships and jobs. The Office of Information Technology encourages students to be mindful of potential phishing scams, and to recognize the red flags of phishing when checking their Crimson email.

“Hackers know exactly what to say to get the attention of students,” said UA Chief Information Security Officer Ashley Ewing. “They often send students emails that say things about summer jobs or internships, because they know that’s what students are wanting to see in their inboxes.”

OIT urges students to understand and recognize the warning signs of a phishing email, so that students are able to decipher a real job offer from a phishing job offer.

  • Look at the “From” email address. Confirm that the @ address is the company that the sender says it is.
  • Hover over links to see the URL before you click.
  • Look for an official email signature.
  • If you didn’t apply for it, don’t open it.
  • Do not send sensitive data, like a social security number, over email.
  • Never provide financial information, like credit card numbers or bank account numbers, over email.

If students suspect they are a victim of a phishing attack, they are encouraged change their myBama password and to install DUO. If students have provided sensitive data or financial information to a phishing email, they are encouraged to complete a report with UAPD. For questions, please contact the IT Service Desk at 205-348-5555 with any questions.

March 9 Phishing Attempt

Thursday, March 9, 2017 many UA employees received phishing emails with the subject title “RE: Your Password Expires Today.”

This email is a phishing attempt designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555.

Below is a screenshot of the email.

 

 

 

 

 

 

 

 

 

March 6 Phishing Attempt

Monday, March 6, 2017 many UA employees received phishing emails with the subject title “Upgrade Your Ua.edu Account.”

This email is a phishing attempt designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

 

March 3 Phishing Attempts

Friday, March 3, 2017 many UA employees received phishing emails with the subject title “upgrade your account immediately” or “authentication requirements.”

These emails are phishing attempts designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive one or both of these emails, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below are screenshots of the emails.

 

 

Tax Related Identity Theft – What You Need to Know.

Tax-related identity theft occurs when someone uses your social security number to file a fraudulent tax return on your behalf.

How do I know if I am a victim?

Unfortunately, most people do not know if they are a victim of tax-related identity theft until after the crime has already been committed. Taxpayers find out if they are a victim when they file their taxes. Taxpayers will submit their tax annual documentation only to find that their taxes have already been filed, by someone else. According to the General Accountability Office, the IRS paid out $7 billion in false tax refunds in 2015. That’s $7 billion in the pockets of cyber hackers.

How can I avoid becoming a victim?

You are your own best defense. The only way you can become a victim of tax identity theft is if the criminal files an income tax return using your social security number before you do. The best defense? File your taxes as early as possible so the “bad guys” don’t have the option.  Please also follow the tips below to protect critical data, like your social security number.

Don’t be fooled by calls or emails posing as the IRS.

The IRS communicates via snail mail. Do not trust any emails, and do not click on links or attachments that are posing as the IRS.

Use Antivirus software.

OIT offers McAfee antivirus software for free at oit.ua.edu/software.

Keep an eye on your credit score.

Check your credit report every few months to ensure no one is making purchases, filing tax returns or posing as you.

What if this happens to me?

The IRS combats tax-related identity theft with an aggressive strategy of prevention, detection and victim assistance. Visit irs.gov for more information.

Adobe Creative Cloud Now Available to UA Faculty and Staff

The Office of Information Technology is pleased to announce that Adobe Creative Cloud is now available to UA faculty and staff at no cost! Adobe Creative Cloud is a design suite that includes apps like Photoshop, InDesign, Illustrator and more! Faculty and staff can sign up for an Adobe Enterprise account by visiting the Tech Tab on myBama. There are a few steps to the account creation and download process, so please follow our guidelines to ensure a successful installation.

If you currently have an Adobe Account with your ua.edu email address, we ask that you move to the new enterprise account in order to obtain the same great creative cloud applications at no cost!

Check out our frequently asked questions, and contact the IT Service Desk at 205-348-5555 or itsd@ua.edu with additional questions.