Security Alerts & Warnings
This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.
Regarding Suspicious Email Alerts
- If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
- Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
- If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to our email abuse team.
Items Currently Affecting UVa:
[Posted: Aug 16, 2017 3:00 PM]
[Posted: Aug 14, 2017 9:30 AM]
[Posted: Aug 14, 2017 9:00 AM]
From: Mail Server [mailto: secure at servermailer.com]
Sent: Monday, August 14, 2017 12:31 AM
Subject: Final Warning: Account De-activation Notice
Our record indicates that you recently made a request to shutdown your e-mail and this request will be processed shortly.
If this request was made accidentally and you have no knowledge of it, you are advised to cancel the request now
However, if you do not cancel this request your account will be shutdown shortly and all your email data will be lost permanently.
[Posted: Aug 10, 2017 3:30 PM]
Some UVa departments are getting scam phone calls, where the caller ID is from “UVA Human Resources” or related.
If you have any questions about the legitimacy of these calls, please call UVa HR at 434-982-0123.
[Posted: Aug 10, 2017 11:00 AM]
NOTE: This phishing email features legitimate links in the footer area, but don't let that fool you. The main links are spoofed -- not legitimate.
From: University of Virginia [mailto: sfs (at) virginia.edu]
Sent: Thursday, August 10, 2017 5:05 AM
Thanks for completing the first step of your identity verification! UVa has now checked your government-issued photo ID and provided you with a deduction in your school fees and you have to complete the second step.
If you haven't done so already, please complete the remainder of your process right away by following the instructions below (also attached to your PassPhrase):
1. Visit hxxp:// whois.virginia. edu [hovering over the link will show you that it really goes to hxxp:// growlightsupply.com/ virginia] and log in through NetBadge. (Unsure how to do this? See below.)
2. Verify your identity by providing your University ID number (printed on your UVa ID card, or look it up at hxxp:// whois.virginia. edu [hovering over the link will show you that it really goes to hxxp:// growlightsupply.com/ virginia]; your birthdate; and your unique PassPhrase.
3. Set your personal security questions and answers, and establish your Permanent UVa password.
4. Wait at least 15 minutes for the rest of your UVa computing accounts to be created. Anytime after that, you may configure your computer to access the UVa encrypted wireless network. See hxxp:// whois.virginia. edu [hovering over the link will show you that it really goes to hxxp:// growlightsupply.com/ virginia]
UVA WIRELESS NETWORK ACCESS
* STUDENTS & EMPLOYEES: See hxxp:// whois.virginia. edu [hovering over the link will show you that it really goes to hxxp:// growlightsupply.com/ virginia] for detailed configuration instructions.
* NEW STUDENTS: Remember, you cannot access UVa's encrypted cavalier wireless network until you have established a Permanent password!
* UNSURE how to log in through NetBadge?
See http://www.its.virginia.edu/netbadge/compatible.html for guidance.
* LOST your PassPhrase?
Obtain another one and complete your ID verification process as soon as you can on Grounds. (See http://its.virginia.edu/identity/question.html#locations).
* NEED HELP?
Contact the UVa Help Desk: http://its.virginia.edu/helpdesk.
[Posted: Aug 1, 2017 10:30 AM]
[Posted: Aug 1, 2017 9:45 AM]
From: Hall, Gaines B [mailto: g bhall at illinois.edu]
Sent: Tuesday, August 01, 2017 9:34 AM
This email is to verify you requested a change of name associated with your email address of the university electronic resource.
Your request has been submitted and will be processed in two working days.
If you never made this request, you can cancel this request here hxxp://abata.sch.id/virginia.edu.id/mail.eservices.virginia.edu (as it's the sole purpose of this notification)
otherwise no action is required.
Notification was sent on 01/08/2017
Ticket ID X002FA
Hall Gaines B
[Posted: Jul 31, 2017 1:45 PM]
Your Email account will soon be deactivated (As we are currently undergoing maintenance of our service channels)CLINK HERE hxxp:// viriginia.co.nf/_about_.html to update your account immediately. Please follow Instruction on this message and your account will be updated within 24hours. We apologies for any inconvenience and appreciate your understanding.
2017 (c) Systems Administrator.support Internet. virginia.edu (C) All rights reserved
[Posted: Jul 25, 2017 9:15 AM]
[Posted: Jul 21, 2017 10:30 AM]
[Posted: Jul 20, 2017 6:30 PM]
[Posted: Jul 20, 2017 10:30 AM]
[Posted: Jul 20, 2017 9:45 AM]
[Posted: Jul 19, 2017 9:30 AM]
[Posted: Jul 18, 2017 1:45 PM]
From: Office Security <MicrosoftExchange365 [at] on-microsoftonline.com>
Date: July 17, 2017 at 6:02:57 PM MDT
Subject: Terms and condition violation
Terms and condition violation
You allowed apps that may use a less secure sign-in to access your Microsoft account.
This allows email applications that do not meet Microsoft's recommended security standards to access your account and may leave your account more vulnerable to security risks, which is against Microsoft's Terms and Conditions.
Attackers use this to gain access to users accounts for fraudulent transactions. We strongly recommend that you:
Turn off less secure app access
Using a web browser, Sign in to your account or to any Microsoft service as soon as possible, to review your account.
If you don’t take any action soon, your account and all of its contents will be marked as Spam and scheduled for deletion.
For inquires and information, visit the Help Desk
Was this helpful? Send feedback to Microsoft.
[Posted: Jul 17, 2017 10:30 AM]
[Posted: Jul 17, 2017 9:00 AM]
[Posted: Jun 29, 2017 9:30 AM]
[Posted: Jun 28, 2017 1:45 PM]
[Posted: Jun 23, 2017 9:30 AM]
Report a Security Incident
Please report any level of incident no matter how small it is. ISPRO will review and evaluate the report and provide a full investigation based on the threat.