Did you know that since 2022, phishing incidents have increased by 40 percent?  

Over the past year, UAB IT has implemented new tools to help combat phishing, including an anti-impersonation feature intended to cut down on business email compromise attempts, and an unfamiliar sender message for certain outside emails. 

But the best defense against phishing remains you. 

Here’s what to look for if you suspect a phish: 

1. Check the sender. UAB, and entities that represent the university, will never ask for personal information through an email. While the anti-impersonation feature in Outlook helps mitigate the influx of threat actor correspondences coming in. Even still, always check the sender of an email.  

2. Check the contents. Be wary of links and attachments. Outlook is equipped with a SafeLink feature, so incoming messages containing a URL or attachment will be scanned. If the items contained within the email or considered malicious, and you click on it, Microsoft will redirect you to a warning screen. But you should still check to make sure nothing slips through the cracks. 

3. Check the grammar. In the past, phishing emails have been easy to spot because of the poor spelling and grammatical errors. Sometimes threat actors will swap out an “o” in a letter for 0, hoping that readers will miss it as they skim through the message.  

4. Check the tone of the message. Does it have a call to action, or demanding you give them something? They may say its urgent, and that consequences will be had if you do not meet the demands.  

If you think you have a phish, please report the incident by using the Report Phishing button that is native in Outlook.