UAH continues to be the target of a phishing campaign that attempts to collect our usernames and passwords. A vast majority of these phishing emails contain subjects like “Your Grades”, “Correct Your Grades”, “CORRECTION REQUIRED: Your Grades” or even “Your F Grades-Follow up”. Faculty have not been exempt from phishing attempts as a recent attack asked faculty to open up a document in a link for review.
These emails attempt to make you panic and click on a link without verifying it is a valid link and email from a valid source. While looking for the [EXTERNAL] tag in the subject line of an email is a best practice, it’s not a perfect identifier of phishing emails since these attackers have compromised UAH accounts already.
Should you receive one of these emails or any other email that appears to be an attempt to collect your username and password, please click on the 3 dots in the upper right of the email and click “Report Phishing” in the drop-down menu that appears. That will help our mail provider to filter out these emails in the future.
Please carefully examine links in your email before you click on them. For example, UAH should not ask you to log in from a Google Forms page.
Be wary of all attachments, especially those that notify you that they must go to another webpage when you open them.
Only with your help can UAH’s computer systems stay safe.
Jeremy Shelley (he/him/his), CISSP, CISM
Chief Information Security Officer
