Explore UAB

Security is a team sport.

Security is a team sport.

Protect yourself. Protect us all.

We alone cannot accomplish this. You play a key role in protecting university information, including your identity, paycheck, financial aid, grant funds, life work, etc.

Be knowledgeable. Be aware. Be proactive.

Don’t get hooked by a Phish!

Industry experts report that 91 percent of all breaches start with phishing emails. Phishing attempts are fake emails trying to trick you to provide information or click on malicious links. Vishing and SMiShing are other similar fake message attacks. Remember these things when you get any message, even if it looks like it is from a trusted source:

Check the sender

Check the sender

Hover the email address of the sender and make sure it matches what you were expecting.

Check the link

Check the link

Hover any hyperlinks and make sure that it is for a credible site before clicking any links. You can always directly type a known URL into your browser instead of clicking a link.

Report anything suspicious

Report anything suspicious

If anything doesn’t add up, report it with the Report Phishing button in Outlook or forward the email to This email address is being protected from spambots. You need JavaScript enabled to view it.

Simulated Phish

To allow our users to become familiar and more resilient to tactics used in real phishing attacks, UAB IT sends out fake phishing emails to our students, faculty and staff that imitate real attacks. These emails are designed to give you a realistic experience in a safe and controlled environment.

Please note that UAB IT will not be receiving nor storing any passwords; there is no penalty to falling for one of the simulations; and victimized users will not be singled out. However, we do ask the users who have fallen for the phishing email to take 30-60 seconds to review the education material.

Report a Phish

If anything doesn’t add up, report it with the Report Phishing button in Outlook or forward the email to This email address is being protected from spambots. You need JavaScript enabled to view it.

NOTE: UAB IT may retrieve header information if needed for these messages from our mail server if they are not included in the forward.

Other Security Measures

In addition to phishing, there are other ways that hackers will attempt to get you to fall for their schemes. Be sure to know the best practices to keep yourself safe with our top tips and use our information from our toolkit to spread the word.

  • Passwords
    Use strong and unique passwords for each account you have.
  • File Storage
    Keep files secure. Follow UAB’s rules for storing data in the cloud.
  • Personal Info
    It is like cash. Value it. Protect it. Your information can be used for verification, and you should not share sensitive or too many details publicly.
  • Sharing Info
    Share with care. Think before posting about yourself and others online. Consider what a post reveals, who might see it, and how it could be perceived now and in the future.
  • Online Presence
    Set the privacy and security settings on websites and social media to your comfort level for information sharing.
  • Updates
    Keep clean machines/devices. Install updates regularly for systems, software and applications.
  • Devices
    Enable passwords and screen-lock options, encrypt hard drives and reset default passwords. Disable bluetooth and GPS access when not in use. Delete apps that you don’t use and only install from trusted sources. Don’t let devices out of your sight or grasp.
  • Internet
    Connect securely. Use UAB’s wireless network on campus or connect to the VPN when needed. Limit use of public Wi-Fi as it may not be private.
  • Travel
    Ensure you have all of the above items in place before your trip. Review our international travel guidelines as well.

Access Toolkit

Security Awareness Videos

More Videos Awareness Toolkit