Welcome! The Office of Information Technology (OIT) hopes you are having a wonderful start to the semester! We are committed to providing the best resources we can so that you are empowered to enjoy your learning experience at UAH.

As a reminder, all UAH account holders are under constant bombardment of phishing and scam emails as well as a multitude of other Information Technology (IT) security threats. While UAH has many different protection mechanisms in place to protect IT assets, there are still attack vectors that circumvent these protection mechanisms and we are unable to stop every one of them.

Many of the phishing and spam email messages are crafted to look legitimate. They appear to have been sent from trusted faculty, staff, and entities on campus. Official UAH logos are utilized, reply-to email addresses appear to be valid UAH email, and they seem to offer viable services such as student employment or free learning materials.

While the protection mechanisms we have in place block thousands of spam and phishing emails every day, some messages may get through and end up in your inbox.

Here are some common signs that the email is phishing:

  • The email contains poor grammar or spelling errors.
  • The email asks for personal information, such as your full name, address, or phone number.
  • The email is offering a job or opportunity that sounds too good to be true.
  • The email is offering or advertising a job at UAH but does not originate from a uah.edu email address.
  • The email offers vague threats of blackmail.
  • The email looks off in some other way.
  • The email has been marked as spam or phishing by UAH’s automated system.

Here is what you can do to protect yourself:

  1. An email with a subject that begins with [External] did not originate from anyone at UAH. Use extra caution when responding to messages that originate from an external source.
  2. If you suspect the message is spam or phishing, mark the message as phishing or as spam. See this article for more details.
  3. Educate yourself about how to spot scams. We offer updates in our quarterly newsletter, articles on our Client Portal, Cybersecurity training for faculty and staff, and more. Contact OIT to learn more; we are here to help.
  4. If you are in doubt and are unable to verify via a different method (in-person, over the phone) you can forward the email to our Help Desk (helpdesk@uah.edu) and we can look into the email message.

When you forward the message to the Help Desk, it allows our security team to dig into the different components of the email headers to determine the source of the email, which then enables us to block emails from that source on a larger scale which improves our overall email security posture.

If you have responded to one of these scam or phishing emails, please immediately change your UAH password, and then verify (if this was not related to UAH) that no unauthorized changes have occurred in the target area of the phishing email (bank, credit card, etc). 

If you have further questions, please visit the following Help Desk Knowledge Base articles:

If neither of those help, please feel free to contact the help desk at 256-824-3333 or helpdesk@uah.edu

As the Interim CIO, your IT Security is one of my highest priorities. Keeping the IT systems at UAH, as well as our users, safe is critical to a conducive learning environment and advancing the research and mission of the university.

Thank you for your attention to this important matter!

 

Dr. Michael Turner

cio@uah.edu

To submit an announcement, contact omc@uah.edu.
More info