Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.  For guidance on how to secure yourself against these hazards, be sure to visit our tip of the month.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
  • Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us by forwarding it to [email protected].

Security Alerts and Suspicious Items Currently Affecting UVA:

Posted:

Multiple people at UVA have reported that they have received a text message that looks something like the one below.

This is "smishing" - it's like "phishing" but over SMS text  so it's called "smishing
So treat it like a phishing email - Don't click on the link. 
Notice the weird writing, such as putting parenthesis around the "3" and not making "virus" plural.
The link is a odd as well, not a well-known link shortener, and if you hovered on it, it doesn't go where it states.
So ignore this text!

Your browsing history showed visits to unsecured websites. Now you have (3) virus on your device. Clean your phone <ponzm1.xyz/Lvsl8zpmel> ASAP

Posted:

From: virginia.edu:12/29/2021
Sent: Wednesday, December 29, 2021 5:59:55 AM
To: User, Typical S
Subject: virginia.edu_Notification:(Wednesday, December 29, 2021)

 

virginia.edu WEBMAIL

Hello mst3k,

Your mst3k [at] virginia.edu password is set to Expire today,

Wednesday, December 29, 2021

You can change your password or continue using same password below

Keep Same Password

virginia.edu Support

Posted:

From: Virginia -053100 kazash [at] gvsu.edu> 
Sent: Thursday, November 18, 2021 3:36 PM
To: Typical User mst3k [at] virginia.edu>
Subject: Covid Test#56470
Importance: High

Attached copy of your test result.
Thanks.

Posted:

From: "John William Betts, III"
Date: November 13, 2021 at 1:05:15 PM EST
Subject: University Payroll Services invited you to view the files "Regarding 2021 payroll schedule "on Payroll Services.

 

 

University Payroll Services invited you to view the files "Regarding your 2021 payroll schedule "on Payroll Services.

View file

Enjoy!
University Payroll Services

Posted:

From: IT HelpDesk
Date: Friday, November 5, 2021 at 2:58 PM
To: Typical User
Subject: virginia.edu Urgent Action Required!

Hi mst3k,

Due to new terms of our user agreement, we inform you that we made recent updates in our website to ensure safety while using our services. Follow the link below to update your mailbox and follow the steps to check your email.
 

 

Update Account

 

 

Should you have any questions, do not hesitate to contact me.
 

Thanks,
Helpdesk Team

Posted:

From: IT Help Desk
Sent: Monday, November 1, 2021 3:00 PM
To: Recipients
Subject: Security alert
 
Your virginia edu account will be De-activated shortly

To stop De-activation Click Here and Log In

IT Help Desk.

Posted:

More Zero-Day flaws in the Chrome web browser for Windows, Macintosh, and Linux computers

More zero-day flaws have been found in the Chrome web browser used on Windows, Macintosh, and Linux computers. The flaws (CVE-2021-37975 and CVE-2021-37976) are a high and medium severity flaw (respectively) on the CVSS vulnerability-rating scale.  Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the system or obtain sensitive information. 

Posted:

Text Message starting a Gift Card Scam

Multiple people at UVA have reported that they have received a text message that looks like this: 

This is the beginning of a gift card scam!

Do NOT reply to this text message. 

If you're concerned that it is legitimate request from your "" (e.g., your dean, department chair) then email or call that person using the contact information you already have.

Please report "smishing" (SMS phishing) to us by emailing [email protected]

Posted:

Many hundreds of email messages are coming in with this type of format:

From: Department Chair  mailto:deptchair.virginia.edu @ gmail.com>>
Subject: Send me your available text number that I can reach you at
Date: September 25, 2021 at 2:40:33 PM EDT
To: typicaluser @ virginia.edumailto:typicaluser @ virginia.edu>

--
Department Chair
Dean and professor
School of Scam Science

Even if they seem to come from your chair, department head or supervisor, they are a scam - DELETE them.

Your supervisor does not need to ask for your cell phone number, nor do they need you to buy gift cards for them - the latter violates UVA policy.

Posted:

Subject:     Document shared with you: "EVALUATION.DOC.XX.docx"
Resent-From:     mst3k [at] virginia.edu
Date:     Wed, 22 Sep 2021 23:18:27 +0000
From:     Christina Grieco (via Google Docs)

Reply-To:     Christina Grieco
To:     mst3k [at] virginia.edu
CC:  

christina.grieco [at] bedford.k12.va.us
mailto:christina.grieco [at] bedford.k12.va.us> shared a document
Unknown profile photo
    
christina.grieco [at] bedford.k12.va.us
mailto:christina.grieco [at] bedford.k12.va.us> added you as a viewer.
Verify your email to securely view this document. You will need to
verify your email every 7 days. Learn more
.
FWD:Jennifer L. West shared a file request using one drive.

EVALUATION.DOC.XX.docx