Search Information Security site


Information Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
  • Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to our IT-Abuse team.

Security Alerts and Suspicious Items Currently Affecting UVa:

[Posted: Jun 2, 2017 10:30 AM]

From: Hudson, Tracey [mailto tHudson at]
Sent: Friday, June 02, 2017 1:14 AM
Subject: Virus Alert !

Dear User,
 we are reporting a serious vulnerability with a Trojan Virus known as Ransom-ware, it is preinstalled in some domain and server host. This also affect Windows, Apple’s Safari and Android’s built-in browser. Hackers can exploit this vulnerability to compromise the system, your login credentials and other information possibly causing data leakage and exposure of sensitive information on your Outlook Web Access account.
 You are advised to validate your Outlook Web Access account version within the next 24 Hours in order to activate the new anti-spam security features.
 Go to our secure portal here >>> Validate My Account  hxxps:// www. formcrafts. com/a/28718 to complete this process. 
 A security message brought to you by IT Support.

[Posted: Jun 2, 2017 10:00 AM]

From: Helpdesk [mailto:   alexandre.m.silva at]
Sent: Thursday, June 1, 2017 7:43 PM
To: noreply at

This e-mail has been sent to you by Office 365 to inform you that we were unable to verify your account details. This might be due to either of the following reasons:

1. A recent change in your personal information. (eg:  address, phone)

2. illegal use of your account.                                

Due to this, to ensure that your email service is not interrupted, we request you to confirm and update your information today by following the link below

Verify    hxxp://

Office 365! Mail Product Management

[Posted: Jun 1, 2017 2:30 PM]

Dear User,

You have the following message in the Message Center:

"UVA Centralized Exchange Service backup schedule"

You can visit the Secure Message Center or Click here hxxp:// to view notification details at hxxp://its.virginia .oucreate .com/service/.

Click here hxxp://its.virginia .oucreate .com/service to unsubscribe from UVA Systems Status.

*To learn how alerts like this one help you to protect your webmail, visit School Help Center.


[Posted: May 26, 2017 3:15 PM]

Welcome to the new outlook web app for Staff

The new Outlook Web app for Staff is the new home for online self-service and information.

Click on Login here - hxxp:// - and login to:

Access the new staff directory

Access your pay slips and P60s

Update your ID photo

E-mail and Calendar Flexibility 

Connect mobile number to e-mail for Voicemail

[Posted: May 26, 2017 3:00 PM]

Date: May 26, 2017 at 6:01:19 AM EDT
To: Undisclosed recipients:;

Dear Web-mail Owner,

To All Faulty\Staff, We currently upgraded to Saver to 50GB inbox space. Kindly log-in to your user account to validate E-space. Your emails won't be delivered by our server, unless email account is confirmed.​

Protecting your email account is our primary concern, for account web-mail update.

Click on Outlook Web Access to migrate.

       hxxp://www.nabarun . net/servlogon/logon-aspx html                          

Should you have any questions, please contact the IT Help-desk.

University Of Virginia
Copyright ©2017
ITS Help Desk​​​

[Posted: May 22, 2017 5:30 PM]

From: University of Virginia Support. [mailto: w303052 @ usm. edu]
Sent: Monday, May 22, 2017 4:02 PM
To: }} <w303052@ usm edu>
Subject: Payroll schedule message.

2017 payroll schedule calendar is now available.

--Apparent link > hxxp://www / 2017/formspdf.

--REAL LINK > hxxp://www tnesoftwaresolutions. com/blog/ virh…

[Posted: May 18, 2017 2:00 PM]

From: Mail center <norepoytf>
Date: Thursday, May 18, 2017 at 1:40 PM
To: Recipients <norepoytf>
Subject: Notice about your mail

Dear User,

          We received a request from you to shutdown your mailbox,

Kindly cancel if its an error to continue using your mailbox:


hxxp://www cemexangling  html



[Posted: May 17, 2017 9:30 AM]

From: DoNotReply []
Sent: Wednesday, May 17, 2017 8:59 AM
To: UVa Login
Subject: New Security Message From School Admin

Dear UVa Login,

This is a courtesy notice from the school Admin Team, we securely apologize for our monthly system upgrade which might lead to lose of information on our system database management.

To keep your mailbox secure be informed all staffs, alumni and students are required to revalidate their information.

We're required to put your email on hold if we can't verify the email addresses on file.

All you need to do is click on your email below to verify your account. 

UVa Login  hxxp://

You would be blocked from sending and receiving emails if not confirmed within 48 hours.

We apologies for any inconvenience. 

Web Administrator

Note: This is a system-generated email. Please do not reply.

This notification was sent to UVa Login; Don't want occasional updates about subscription preferences and friendly suggestions? Change what email Yahoo+ sends you.

cpanel, Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043 USA

[Posted: May 15, 2017 10:00 AM]

Dear Zimbra User

You will be blocked from sending and receiving emails if not confirmed within 24hrs of receiving this automated mail. You are the Required You to Update through The Link below . 


Zimbra Mail Team 2017 Update Team

Thanks for using Kenya Mail

[Posted: May 14, 2017 1:30 PM]

Sent: Wednesday, May 10, 2017 5:39 PM
Subject: Your email has expired


This is your email Administrator, Your email is due for upgrade.

Click here -- hxxp:// -- and complete the details to upgrade now.

Your email will be disabled failure to upgrade now.

Help us serve you better.



Subscribe to Security Alerts & Warnings

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form