There has recently been an increase in phishing emails that appear to come from a UAH person with the message of “Are you available? “ or “Are you in campus”. If the recipient responds to the email, the attacker states that they are in a meeting, so they cannot call at this time. This email or the one after it requests that the recipient purchase an Apple, Amazon, or Google gift card and send the details to them through email.

These emails come from non uah.edu addresses but look similar in name to UAH persons. 

Please review the from address in received emails AND the to address in replies to make sure they are uah.edu email addresses when sending or receiving from UAH persons.  Valid UAH email addresses will have 'uah.edu' at the very end, with nothing following it.

Since the attackers use multiple email addresses and IP addresses from which to attack our users, OIT is limited in our ability to completely prevent these attacks. We ask that you take an active role in mitigating the threat these attackers pose by using the Google Mail feature to mark any message like this as spam.

Ways to spot fraudulent emails like this:

The best way to catch this type of fraudulent email is to compare the from address and the address that appears in the to address when replying to the email. If the message appears to be from an individual affiliated with UAH, but it is not from an address that ends with uah.edu, then there is a good chance it is fraudulent.

When you receive an unusual request like this, contact the person making the request through a different method. A phone call in which you can authenticate the person’s voice is best. If that is not an option, then forward the email to the person’s uah.edu email account.

Why this works:

We all want to help, and this request (as most phishing attacks) solicits an emotional response. It also includes a name that is familiar to the recipient.

More information about phishing emails is available at:

https://www.uah.edu/oit/services/cybersecurity/94-main/oit/cyber-security/5404-about-phishing

If you need technical assistance, please call the OIT Help Desk at 256-824-3333 or email helpdesk@uah.edu. Email response can be expected between 9 and 6 Monday through Friday.

 

Russ Ward, GSE CISSP

Chief Information Security Officer (CISO)
Office of Information Technology (OIT)

To submit an announcement, contact omc@uah.edu.
More info