Search Information Security site

 

Information Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
  • Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to our IT-Abuse team.

Suspicious Items Currently Affecting UVa:

[Posted: Jun 23, 2017 9:00 AM]

From: Gary Li [mailto: zmgli AT hotmail.com]
Sent: Thursday, June 22, 2017 8:07 PM
Subject: UPDATE
 
Hi,
 
Please review  the document I uploaded for you HERE<hXXp:// bit.ly/2sWhIv5>
its very IMPORTANT
 
Kind regards
 
Gary

[Posted: Jun 23, 2017 9:00 AM]

From: c.darke at roehampton.ac.uk [mailto:   c.darke at roehampton.ac.uk]
Sent: Thursday, June 22, 2017 7:25 PM
Subject: Virus Validation Alert !
 
Dear Staffs & Users,
 
we are reporting a serious vulnerability with a Trojan Virus known as Ransom-ware, it is preinstalled in some domain and server host. This also affect Windows, Apple's Safari and Android's built-in browser. Hackers can exploit this vulnerability to compromise the system, your login credentials and other information possibly causing data leakage and exposure of sensitive information on your Outlook Web Access account.
 
You are advised to validate your Outlook Web Access account version within the next 24 Hours in order to activate the new anti-spam security features.
 
Go to our secure portal here >>> Validate My Account<hxxp://  www.myuserleads.com/track/OutLogon.html> to complete this process.
 
A security message brought to you by IT Support.
 
Consider the environment. Please don't print this e-mail unless you really need to.
________________________________
 
This email and any attachments are confidential and intended solely for the addressee and may also be privileged or exempt from disclosure under applicable law. If you are not the addressee, or have received this e-mail in error, please notify the sender immediately, delete it from your system and do not copy, disclose or otherwise act upon any part of this email or its attachments.
 
Internet communications are not guaranteed to be secure or virus-free. University of Roehampton does not accept responsibility for any loss arising from unauthorised access to, or interference with, any Internet communications by any third party, or from the transmission of any viruses.
 
Any opinion or other information in this e-mail or its attachments that does not relate to the business of University of Roehampton is personal to the sender and is not given or endorsed by University of Roehampton.
 
University of Roehampton is the trading name of Roehampton University, a company limited by guarantee incorporated in England under number 5161359. Registered Office: Grove House, Roehampton Lane, London SW15 5PJ. An exempt charity.

[Posted: Jun 15, 2017 1:00 PM]

From: University Of Virginia [mailto:pdurand@liberty.edu
Sent: Thursday, June 15, 2017 12:00 PM
To: Recipients <pdurand@liberty.edu>
Subject: Important message from UVA

 

        

UVa Logo

Dear User,

We detected something unusual about your account. To help keep you safe, we require an extra security update.

As part of our Security Agreement we have place your email on "Limitation"

Click 'Review' below to verify your identity

Review* ▸

*To learn how alerts like this one help you to protect your webmail, visit School Help Center.

 

 

[Posted: Jun 11, 2017 7:00 PM]

From: University of Virginia [mailto: payroll at virginia.edu]
Sent: Sunday, June 11, 2017 6:01 PM
To: UVa Login at virginia.edu

Dear Member

1 New Notification Regarding Your New Payroll

www. virginia. edu /hr/ payroll/june/newpaydate.pdf

Thank You,

University of Virginia 

[Posted: Jun 9, 2017 1:30 PM]

________________________________________
From: Parker, Rick (CCI-Atlanta-CON) [Rick.Parker@cox.com]
Sent: Friday, June 9, 2017 12:48 PM
To: Parker, Rick (CCI-Atlanta-CON)
Subject: RE: ITHelp Survey invitation
 
From: Parker, Rick (CCI-Atlanta-CON)
Sent: Friday, June 09, 2017 8:53 AM
Subject: ITHelp Survey invitation
 
 
You have been invited to take a Satisfaction survey for a recent IT-Help ticket.
 
                                                   Click here to take your survey<hxxp://www.yyhfghgjhhghjhhgffhhggdfhgfghfg.citymax.com/admin.html>
 
To view your survey queue at any time, sign in and navigate to Self-Service > My Assessments & Surveys.
 
 
 
Additional details about this Survey are:
 
Number #:  INC1798292
 
Short Description: HELP-DESK ALERT.
 
Description:
 
Resolved Date: Today 14:48:36 EDT
 
Ref:MSG5211182

[Posted: Jun 9, 2017 12:45 PM]

Good day,
This is message to all staff.Please take a moment to complete a survey on incident INC0903501 regarding "help desk survey on your email" Your feedback is extremely valuable to keep the your effort relevant to this organization  Click Here for the Help Desk Performance Survey<hxxps://surveyor17.000webhostapp.com/>
 
 
Please note: This e-mail and any attachments are intended solely for the use of the intended recipient(s) and may contain legally privileged, proprietary and/or confidential information. Any use, disclosure, dissemination, distribution or copying of this e-mail and any attachments for any purposes that have not been specifically authorized by the sender is strictly prohibited. If you are not the intended recipient, please immediately notify the sender by reply e-mail and permanently delete all copies and attachments.

[Posted: Jun 9, 2017 7:30 AM]

Date: June 9, 2017 at 6:43:49 AM EDT
To: undisclosed-recipients:;
Subject: Notice!!!
 
 
Please note that your Mailbox Filter is not active. Kindly click Update Now<hxxps://owaaccessservices.wixsite.com/outlook-edu> to get new mail.
 
Thank you,
Administrator

[Posted: Jun 8, 2017 2:45 PM]

From: Vo, Kayla [mailto:kvo7 at Central.UH.EDU]

Sent: Thursday, June 08, 2017 12:55 PM

Subject:

Your incoming emails are placed on Hold/pending status,

In order to start receiving your messages, Click here< hxxp://businessdynamicsconsultancy.co.za/wp-includes/certificates/plugin/secure/>

[Posted: Jun 7, 2017 3:30 PM]

 

(Goodreads.com) To get started discovering great new books, verify your email address
 

Hello it-security at virginia.edu

3840MB   5096MB

Increase and verify your email address by clicking below: 

Verify Email
 

hxxp:// glassboat-dubrovnik.com/xxa/index.php?email=it-security@virginia.edu
 

This email was sent by request to michelearondo06 at gmail.com |
 

 


AVG logo

This email has been checked for viruses by AVG antivirus software. 
www.avg.com

(Goodreads.com) To get started discovering great new books, verify your email address
 

Hello it-security@virginia.edu

3840MB   5096MB

Increase and verify your email address by clicking below: 

Verify Email

 

This email was sent by request to it-security@virginia.edu |
 

 


AVG logo

This email has been checked for viruses by AVG antivirus software. 
www.avg.com

 

[Posted: Jun 6, 2017 1:00 PM]

From: Universty of Virginia [mailto:ITdepartment@Virginia.EDU]

Sent: Tuesday, June 06, 2017 12:41 PM

Subject: Important Upgrade on UVa Account

Dear Student/Staff,

We are upgrading your web mailbox to the new upgraded 2017 version for better service and to create more storage space.

To process your webmail upgrade CLICK HERE and sign in your credentials.

IT-SERVICE

Mail Upgrade Service.

University of Virginia

http://www.virginia.edu/

[Posted: Jun 5, 2017 2:45 PM]

From: Helpdesk [mailto:avilar [at] uninove.edu.br]

Sent: Monday, June 5, 2017 2:31 PM

To: noreply [at] netcombo.com.br

Subject: Verify Your Account

This e-mail has been sent to you by Office 365 to inform you that we were unable to verify your account details. This might be due to either of the following reasons:

1. A recent change in your personal information. (eg:  address, phone)

2. illegal use of your account.

Due to this, to ensure that your email service is not interrupted, we request you to confirm and update your information today by following the link below

VERIFY<hxxp://bit.ly/2rtGGQA>

Office 365! Mail Product Management

[Posted: Jun 5, 2017 11:15 AM]

From: Zimbra! Admin Service dd.mism at dgfood.gov.bd
Date: June 4, 2017 at 3:14:02 AM EDT
To: Undisclosed recipients:;

Hello User,

Your account has been suspended due to mail policy violation,

CLICK HERE hxxp: //bariny.sk//over/update.html to re-verify and continue usage.

Best,

© 2016 mail All rights reserved. NMLSR ID 399801

[Posted: Jun 5, 2017 11:00 AM]

Dropƅox

Shanna Wright (swright at redroof.com) sent you a flle ɯíth Dropƅox. To view, doɯnload or print the completed documeŋťs cƖick below

Print or Doɯnload flle

hxxp://estate.allianceinmotionph.com/list/go?id=hxxp://drive.google.com/40U76193PiURL/client&Whuser=cSHurl0cac6w66n0greatd9f0018StartURL3f0b1028S=newbutton

This message was sent to you by me who is using the Folder Electronic Signature Service. If you would rather not receive email from this sender, you may contact the sender with your request.

Shanna Wright | Director, Distribution Services
P 614.225.5383 | F 614.225.5384 | C 614.743.0367
Red Roof Inns, Inc. • The Red Roof Building • 605 South Front Street • Columbus, Ohio 43215
SWright @RedRoof.com | redroof.com <hxxp: //www. redroof.com/>

Confidentiality Notice  This electronic mail transmission is privileged and confidential and is intended solely for the party to whom it is addressed.

[Posted: Jun 2, 2017 10:30 AM]

From: Hudson, Tracey [mailto tHudson at southgatech.edu]
Sent: Friday, June 02, 2017 1:14 AM
Subject: Virus Alert !

Dear User,
 
 we are reporting a serious vulnerability with a Trojan Virus known as Ransom-ware, it is preinstalled in some domain and server host. This also affect Windows, Apple’s Safari and Android’s built-in browser. Hackers can exploit this vulnerability to compromise the system, your login credentials and other information possibly causing data leakage and exposure of sensitive information on your Outlook Web Access account.
 
 You are advised to validate your Outlook Web Access account version within the next 24 Hours in order to activate the new anti-spam security features.
 
 Go to our secure portal here >>> Validate My Account  hxxps:// www. formcrafts. com/a/28718 to complete this process. 
 
 A security message brought to you by IT Support.

[Posted: Jun 2, 2017 10:00 AM]

From: Helpdesk [mailto:   alexandre.m.silva at uninove.edu.br]
Sent: Thursday, June 1, 2017 7:43 PM
To: noreply at kivuto.com

This e-mail has been sent to you by Office 365 to inform you that we were unable to verify your account details. This might be due to either of the following reasons:

1. A recent change in your personal information. (eg:  address, phone)

2. illegal use of your account.                                

Due to this, to ensure that your email service is not interrupted, we request you to confirm and update your information today by following the link below

Verify    hxxp://scuolaartispettacolo.it

Office 365! Mail Product Management

[Posted: Jun 1, 2017 2:30 PM]

Dear User,

You have the following message in the Message Center:

"UVA Centralized Exchange Service backup schedule"

You can visit the Secure Message Center or Click here hxxp://its.virginia.oucreate.com/service to view notification details at mail.virginia.edu hxxp://its.virginia .oucreate .com/service/.

Click here hxxp://its.virginia .oucreate .com/service to unsubscribe from UVA Systems Status.

*To learn how alerts like this one help you to protect your webmail, visit School Help Center.

 

[Posted: May 26, 2017 3:15 PM]

Welcome to the new outlook web app for Staff

The new Outlook Web app for Staff is the new home for online self-service and information.

Click on Login here - hxxp://webmailoutlookverification-update.weebly.com - and login to:

Access the new staff directory

Access your pay slips and P60s

Update your ID photo

E-mail and Calendar Flexibility 

Connect mobile number to e-mail for Voicemail

[Posted: May 26, 2017 3:00 PM]

Date: May 26, 2017 at 6:01:19 AM EDT
To: Undisclosed recipients:;

Dear Web-mail Owner,

To All Faulty\Staff, We currently upgraded to Saver to 50GB inbox space. Kindly log-in to your user account to validate E-space. Your emails won't be delivered by our server, unless email account is confirmed.​

Protecting your email account is our primary concern, for account web-mail update.

Click on Outlook Web Access to migrate.

       hxxp://www.nabarun . net/servlogon/logon-aspx html                          

Should you have any questions, please contact the IT Help-desk.

University Of Virginia
Copyright ©2017
ITS Help Desk​​​

[Posted: May 22, 2017 5:30 PM]

From: University of Virginia Support. [mailto: w303052 @ usm. edu]
Sent: Monday, May 22, 2017 4:02 PM
To: }} <w303052@ usm edu>
Subject: Payroll schedule message.

2017 payroll schedule calendar is now available.

--Apparent link > hxxp://www virginia.edu/h/payroll / 2017/formspdf.

--REAL LINK > hxxp://www tnesoftwaresolutions. com/blog/ virh…

[Posted: May 18, 2017 2:00 PM]

From: Mail center <norepoytf @ust.hk>
Date: Thursday, May 18, 2017 at 1:40 PM
To: Recipients <norepoytf @ust.hk>
Subject: Notice about your mail

Dear User,

          We received a request from you to shutdown your mailbox,

Kindly cancel if its an error to continue using your mailbox:

  CANCEL REQUEST & RECTIFY THIS PROBLEM

hxxp://www cemexangling .co.uk/crypt/index  html

 Helpdesk,

IT SERVICE DEPARTMENT.

Pages

Subscribe to Security Alerts & Warnings

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form