Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia. For guidance on how to secure yourself against these hazards, be sure to visit our tip of the month.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us by forwarding it to [email protected].

Security Alerts and Suspicious Items Currently Affecting UVA:

Retirement And Pension Meetings For University of Virginia Employees

Posted: June 9, 2022 - 4:25pm

From: Alexa Brown
Date: Wednesday, June 8, 2022 at 12:20 PM
To: Typical User (mst3k)
Subject: Retirement And Pension Meetings For University of Virginia Employees

As a valued employee of the University of Virginia, you are eligible to receive a free one-on-one consultation for answers to your retirement benefit questions.

As part of this meeting, you will be provided information that will help you figure out:

*   Your expected income when you retire
*   How much longer you will have to work
*   How you can save more money for retirement
*   Which options have guaranteed income when you retire

Daytime appointments are going fast. Click below to see whats available

Click Here to Schedule Your Meeting

Confluence Security Advisory 2022-06-02

Posted: June 3, 2022 - 10:32am

Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability

Information from Atlassian

Summary of Vulnerability

Atlassian has been made aware of current active exploitation of a critical severity unauthenticated remote code execution vulnerability in Confluence Data Center and Server. Further details about the vulnerability are being withheld until a fix is available.

We expect that security fixes for supported versions of Confluence will begin to be available for customer download within 24 hours (estimated time, by EOD June 3 PDT).

What You Need to Do

There are currently no fixed versions of Confluence Server and Data Center available. In the interim, customers should work with their security team to consider the best course of action. Options to consider include:

ALL Emails Offering Part-Time Jobs Are Scams

Posted: June 2, 2022 - 1:39pm

If you receive ANY unsolicited email offering a part-time job, personal assistant position, TA slot or any other employment, DO NOT RESPOND.

These are scam emails designed to extort money from you.

Usually, they offer you a job, then send you a "certified check" or electronic payment. They then ask you to "send" some of the money back. You quickly find the original payment check bounces or is otherwise no good, and you are out the money you sent.

You can help UVA Information Security by reporting the messages to us ([email protected]) so we can block the scammers.

mst3k [at] virginia.edu

Posted: May 27, 2022 - 2:50pm

From: Virginia >
Subject: mst3k [at] virginia.edu
Date: May 27, 2022 at 1:23:04 PM EDT
To: mst3k [at] virginia.edu

Microsoft®365

- Admin Center *Password*Assistance for Virginia

27-05-2022 |*Password*Expiration Notice for: mst3k

Action Required:jPasswordjfor mst3k [at] virginia.edu is expiring soon.
jPlease review and keepjpassword*to ensure instant access to your account.

JReview /JKeepjCurrentjPasswordi
*Sign-injisivalidatediby Virginia internal useridatabase

NOTE: This is ajmandatory servicejnoticeisentjon May 27, 2022, 05:23 PM

*** Please dojnotireply. This is anjautomatedjemailinotification ***

Confirm your E-mail ID (erorr: PUZ1A87VMF)

Posted: May 26, 2022 - 8:14am

From: System Admin
Sent: Wednesday, May 25, 2022 6:45 PM
To: User, Typical S. (mst3k)
Subject: Confirm your E-mail ID (erorr: PUZ1A87VMF)

Server Administrator | IT Support

Hello mst3k [at] virginia.edu

We are closing all old versions users from 25-05-2022 22:45:25.. Please confirm your email address mst3k [at] virginia.edu to keep your account from being deactivated.
Confirm Your Email Herewww.yehudap.com/.well-known/abox/?r=[email protected]>

Account will be automatically deleted after 25-05-2022 22:45:25 You can change the frequency of these notifications within your mailbox portal.

RЕ‏‏‏‏‏‏МI‏‏‏‏‏‏ND‏‏‏‏‏‏ER: Yo‏‏‏‏‏‏ur Virginia е-‏‏‏‏‏‏ma‏‏‏‏‏‏іl Рa‏‏‏‏‏‏ѕ‏‏‏‏‏‏ѕ‏‏‏‏‏‏wοr‏‏‏‏‏‏d Εx‏‏‏‏‏‏p‏‏‏‏‏‏irе‏‏‏‏‏‏s to‏‏‏‏‏‏d‏‏‏‏‏‏aу

Posted: May 25, 2022 - 10:02am

From: "Do-Not-Reply [at] Virginia.edumailto:Do-Not-Reply [at] Virginia.edu>" mailto:admin [at] gesauthdg11xniqdkfzumrs2mqzrauc.awsapps.com>>
Subject: RЕ‏‏‏‏‏‏МI‏‏‏‏‏‏ND‏‏‏‏‏‏ER: Yo‏‏‏‏‏‏ur Virginia е-‏‏‏‏‏‏ma‏‏‏‏‏‏іl Рa‏‏‏‏‏‏ѕ‏‏‏‏‏‏ѕ‏‏‏‏‏‏wοr‏‏‏‏‏‏d Εx‏‏‏‏‏‏p‏‏‏‏‏‏irе‏‏‏‏‏‏s to‏‏‏‏‏‏d‏‏‏‏‏‏aу
Date: May 25, 2022 at 9:25:58 AM EDT
To: mst3k [at] virginia.edu

[img]

mst3k [at] virginia.edu
H‏‏‏‏‏‏e‏‏‏‏‏‏lр u‏‏‏‏‏‏s prо‏‏‏‏‏‏tе‏‏‏‏‏‏ct y‏‏‏‏‏‏оu‏‏‏‏‏‏r аc‏‏‏‏‏‏cо‏‏‏‏‏‏un‏‏‏‏‏‏t
Y‏‏‏‏‏‏о‏‏‏‏‏‏ur Virginia O‏‏‏‏‏‏365 аc‏‏‏‏‏‏cо‏‏‏‏‏‏un‏‏‏‏‏‏t p‏‏‏‏‏‏a‏‏‏‏‏‏ssw‏‏‏‏‏‏оr‏‏‏‏‏‏d w‏‏‏‏‏‏i‏‏‏‏‏‏ll е‏‏‏‏‏‏xр‏‏‏‏‏‏іr‏‏‏‏‏‏‏‏‏‏‏‏‏‏‏‏‏‏‏‏‏‏‏‏e to‏‏‏‏‏‏d‏‏‏‏‏‏aу.

Yo‏‏‏‏‏‏ur Virginia Αcc‏‏‏‏‏‏оu‏‏‏‏‏‏nt Рa‏‏‏‏‏‏ѕ‏‏‏‏‏‏ѕ‏‏‏‏‏‏wοr‏‏‏‏‏‏d I‏‏‏‏‏‏s Sе‏‏‏‏‏‏t t‏‏‏‏‏‏o Εx‏‏‏‏‏‏p‏‏‏‏‏‏irе

Posted: May 20, 2022 - 10:16am

From: Virginia-ServiceIT
Date: Friday, May 20, 2022 at 9:45 AM
To: Typical User
Subject: Yo‏‏‏‏‏‏ur Virginia Αcc‏‏‏‏‏‏оu‏‏‏‏‏‏nt Рa‏‏‏‏‏‏ѕ‏‏‏‏‏‏ѕ‏‏‏‏‏‏wοr‏‏‏‏‏‏d I‏‏‏‏‏‏s Sе‏‏‏‏‏‏t t‏‏‏‏‏‏o Εx‏‏‏‏‏‏p‏‏‏‏‏‏irе

Mi‏‏‏‏‏‏сro‏‏‏‏‏‏ѕo‏‏‏‏‏‏ft acс‏‏‏‏‏‏оunt

Іm‏‏‏‏‏‏pо‏‏‏‏‏‏rt‏‏‏‏‏‏an‏‏‏‏‏‏t Sе‏‏‏‏‏‏cu‏‏‏‏‏‏rі‏‏‏‏‏‏ty No‏‏‏‏‏‏ti‏‏‏‏‏‏ce

Η‏‏‏‏‏‏i mst3k,

Yo‏‏‏‏‏‏ur Virginia pa‏‏‏‏‏‏ѕ‏‏‏‏‏‏ѕ‏‏‏‏‏‏ѡоr‏‏‏‏‏‏d i‏‏‏‏‏‏s se‏‏‏‏‏‏t t‏‏‏‏‏‏o ex‏‏‏‏‏‏р‏‏‏‏‏‏іr‏‏‏‏‏‏e i‏‏‏‏‏‏n 0 da‏‏‏‏‏‏y(s).

* mst3k [at] virginia.edu

Mitigate VMware Vulnerabilities

Posted: May 18, 2022 - 12:36pm

Emergency Directive 22-03 Mitigate VMware Vulnerabilities

Threat actors, including likely advanced persistent threat (APT) actors, are exploiting vulnerabilities (CVE 2022-22954 and CVE 2022-22960) in the following VMware products:

VMware Workspace ONE Access (Access)
VMware Identity Manager (vIDM)
VMware vRealize Automation (vRA)
VMware Cloud Foundation
vRealize Suite Lifecycle Manager

For further information and mitigation steps from CISA. https://www.cisa.gov/emergency-directive-22-03

Adobe Patch Tuesday Release Cycle

Posted: May 11, 2022 - 5:00pm

On Tuesday, May 10, 2022, Adobe announced multiple vulnerabilities in several Adobe products, including FrameMaker and ColdFusion.

This update addresses one important and multiple critical vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak.

One can update their product installations manually when the product is running by choosing Help > Check for Updates.     
In addition, the products will update automatically, without requiring user intervention, when updates are detected.     

Part-Time Job Opening

Posted: April 30, 2022 - 9:06pm

From: Majoro Diarra Stanley
Sent: Saturday, April 30, 2022 6:35:47 PM
Subject: Part-Time Job Opening

The service of a student administrative assistant is urgently required to work part-time and get paid $315 weekly. Tasks will be carried out remotely and work time is 7 hours/week.
If interested, submit a copy of your updated resume and a functional WhatsApp number to our Department of Psychology via this email address to proceed.

Sincerely
XXXXXXXXXX
Department of Psychology
Office: 125/126 Millmont and Gilmer 215

Subscribe to Security Alerts & Warnings