Phishing Alert – June 18

Thursday, June 18, many UA faculty + staff received a phishing email with the subject “Email Password Reminder or Account Password Reminder”.

This email is an attempt to steal usernames, passwords or other sensitive information. If you haven’t already, please delete the email.

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address. If you are not a DUO two-factor authentication user, please activate your account today. DUO can help protect sensitive information in your UA accounts.

If you received one of these emails, mark it as spam and delete it. If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Phishing Alert – June 14

Sunday, June 14, many UA students received a phishing email with the subject “The University of Alabama(Crimson)Virtual Internship”.

This email is an attempt to steal usernames, passwords or other sensitive information. If you haven’t already, please delete the email.

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address. If you are not a DUO two-factor authentication user, please activate your account today. DUO can help protect sensitive information in your UA accounts.

If you received one of these emails, mark it as spam and delete it. If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Phishing Alert – June 15

Monday, June 15, many UA faculty + staff received a phishing email with the subject “Dear ua.edu Community,”.

This email is an attempt to steal usernames, passwords or other sensitive information. If you haven’t already, please delete the email.

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address. If you are not a DUO two-factor authentication user, please activate your account today. DUO can help protect sensitive information in your UA accounts.

If you received one of these emails, mark it as spam and delete it. If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu. Below is a screenshot of the email.

June 15 Phishing email

Phishing Alert – June 12

Friday, June 12, many UA students received a phishing email with the subject “FACULTY JOB POSITIONS”.

This email is an attempt to steal usernames, passwords or other sensitive information. If you haven’t already, please delete the email.

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address. If you are not a DUO two-factor authentication user, please activate your account today. DUO can help protect sensitive information in your UA accounts.

If you received one of these emails, mark it as spam and delete it. If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu. Below is a screenshot of the message.

June 12 phishing email

Phishing Alert – June 2

Tuesday, June 2, many UA faculty + staff received a phishing email with the subject “Notice from Faculty of ITS Admin”.

This email posed as an IT Help Desk, telling recipients their mailbox storage was nearly full. This email did not originate from OIT and is in no way affiliated with our O365 mailbox migration project.

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address. If you are not a DUO two-factor authentication user, please activate your account today. DUO can help protect sensitive information in your UA accounts.

If you received one of these emails, mark it as spam and delete it. If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

O365 Security Changes – Duo

Moving mailboxes to the Microsoft O365 cloud provides many additional security features to better protect the sensitive information in faculty and staff mailboxes. Beginning Monday, June 15, OIT will implement a few additional security features for access to mail and Office applications. 

Duo required for Office + mail apps.

OIT has seen instances where malicious actors will use stolen credentials in an Office application or a device’s native mail app to access a mailbox. To protect against this, Duo will be required for all Office apps (Teams, OneDrive, Outlook, etc.) and native mail apps that support modern authentication. Individuals can use the remember me feature for apps the same way they would in a web browser. 

This will be applied for any mail client using Modern Authentication, Office 2016 and newer.

This change will be applied to students, faculty and staff when logging into O365. This will not impact student Crimson mail.

Duo required for risky sign in.

Duo will continue to allow “remember me for 30 days” on browsers and applications where it is selected; however, if a user attempts to login to the O365 online portal from an unusual place or device, Duo will be required. This is to protect against malicious actors logging in from unknown devices, web browsers and locations.

What to expect.

When you open an app on Monday, June 15, you should be prompted to login to your O365 account, followed by a Duo prompt. Below are a few screenshots of what you might see. 

Initial popup window requesting password.

Enter Password

Duo prompt – remember to check Remember Me!

duo prompt

Upon completing the Duo step, individuals will have access to the application. Repeat these steps on each device when prompted. If you have any questions or concerns, please contact the IT Service Desk at 205-348-5555. 

Student Phishing Alert

Friday, May 22 and Monday, May 25, many UA students received phishing emails with the subject “OFFER” and “TEKsystems STUDENT CAREER PROGRAM”.

These emails are scam attempts designed to trick students into giving up information.

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address. If you are not a DUO two-factor authentication user, please activate your account today. DUO can help protect sensitive information in your UA accounts.

If you received one of these emails, mark it as spam and delete it. If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Upcoming Upgrades/Planned Outages

Sunday, May 31 and Sunday, June 7 OIT will be performing database upgrades and installing quarterly patches which will cause some UA systems to be unavailable from 5am to 10am. These systems include Appworx, Banner, Crystal Report Server, DegreeWorks, eProcurement, myBama, PCR-360 and SiteFile. If you have any questions or concerns, please contact the OIT Service Desk at itsd@ua.edu or 205-348-5555.