Equifax Cyber Breach: What You Need to Know

Mass cyber breaches, like the recent Equifax security breach, can be intimidating and alarming. In this week’s cyber security tip, we provide tips for users affected by commercial cyber breaches.

Cyber Breaches - What you should know

In situations like the Equifax cyber breach, it is best to follow the news and recommendations from the organization affected. However, there are a few additional things that you can do to better protect your credit score and your online identity.

  • One tip is to establish a credit freeze with all four credit agencies – Equifax, Transunion, Experian and Innovis. By initiating a credit freeze, or security freeze, you will restrict access to your credit report, making it more difficult for identity thieves to open up new accounts in your name. A credit freeze does not impact your credit score. You may simply contact each credit reporting company to establish the freeze. Sometimes there is a fee for this service, but it is usually $10 or less.
  • You also should regularly monitor your credit and your online banking accounts to ensure their security.
  • Regularly change your passwords, and, if it is offered, use two-factor authentication. Many banking and investing websites have employed two-factor authentication to better protect their users.

October is National Cyber Security Awareness Month. OIT will be posting cyber safety tips throughout the month. For more information about Cyber Security Awareness Month, visit the National Cyber Security Alliance’s website https://staysafeonline.org.

Oct. 4 Student Phishing Attempt

Thursday, October 4, 2017, many UA students received a phishing email with the subject title “Important Notice” or “Important Mail Notice”

This is a phishing attempt designed to obtain sensitive user data, like your myBama username and password, and possibly infect your system with malicious code. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link in the email to provide any sensitive information, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below are screenshots of the emails.

Phishing Attempt

 

phishing attempt

OIT Recommends Not Installing Mac OS High Sierra

Mac is set to release its latest operating system, High Sierra, Monday, Sept. 25, 2017. OIT is currently testing the OS for compatibility. We recommend that NetAdmins test the operating system within their environment, and wait for further recommendation from OIT before putting the OS into production as any issues that cannot be resolved internally may require an update from Apple. If you have any questions, please contact the IT Service Desk at 205-348-5555.

 

*Update 9/26/17 – OIT testing has determined that High Sierra is not compatible with Outlook. In order to make Outlook compatible, users must run all Office updates available.

DUO Required for UA Students

Effective Monday, October 2, 2017, DUO two-factor authentication will be required for all UA students.  DUO is designed to protect sensitive information held within student myBama accounts and Crimson Email. On October 2, students will be unable to access their myBama accounts until DUO is activated.

DUO adds a second layer of security to a user’s myBama account because it requires two factors to verify identity. These factors include something you know – your username and password, and something you have – a smartphone app or passcode, to authenticate and gain access to an account.

DUO is not required to access Blackboard. Students can bypass myBama by visiting ua.edu, then click the top right icon, and then click Blackboard. Students can then login with their myBama credentials to access Blackboard without using DUO.

To get started, visit www.duo.ua.edu. Students can then follow the screen prompts and download the DUO Mobile App on your smartphone to setup your DUO account. For more information, and a complete tutorial, please visit www.oit.ua.edu/duoPlease contact the IT Service Desk at 205-348-5555 or itsd@ua.edu with any questions or concerns.

Java 9 Not Compatible with Banner

Java 9, which is set to be released today, is not certified for Banner applications at this time. OIT advises users not to install or upgrade to Java 9. All Banner applications are currently certified with JRE 7 and 8.

September 14 Phishing Attempt

Thursday, September 14, 2017, many UA students, faculty and staff received a phishing email with the subject title “Your account has been queued for deletion”

This is a phishing attempt designed to obtain sensitive user data and possibly infect your system with malicious code. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link in the email to provide any sensitive information, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

 

Screenshot of phishing attempt

Sept. 6 Phishing Attempt

Wednesday, September 6, 2017, many UA students, faculty and staff received a phishing email with the subject title “request closed”

This is a phishing attempt designed to obtain sensitive user data and possibly infect your system with malicious code. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link in the email to provide any sensitive information, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Phishing Attempt Screenshot

August 22 Phishing Attempt

Tuesday, August 22, 2017, many UA students, faculty and staff received a phishing email with the subject title “Hello”

This is a phishing attempt designed to obtain sensitive user data and possibly infect your system with malicious code. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link in the email to provide any sensitive information, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

August 17 Phishing Attempt

Thursday, August 17, 2017, many UA students, faculty and staff received a phishing email with the subject title “Case ID-A0722JB verification”

This is a phishing attempt designed to obtain sensitive user data and possibly infect your system with malicious code. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link in the email to provide any sensitive information, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.