
Examples of Phishing and Scam Emails

Key Items to Look for in Suspicious Emails

Below are some examples of actual phishing and scam emails received by UVA community members, in which the most common or key markers of phishing emails are indicated. Please review these carefully so you don't become the next victim.

Example Spam/Phishing Email Message #1

  1. UVA will never send a message like this. Even if you were to ask UVA to delete your account (highly unlikely), you would be communicating with UVA through verifiable channels and probably by voice communication with a verified UVA staff member, not in an email like this.
  2. Notice the tone of urgency, indicated by a 24-hour deadline, along with an implied threat, indicated by the words "your account will be lost". A tone of urgency and an implied or veiled threat to those who do not act will generate fear, a key tactic phishers use to deceive us, and to push us to act without thinking. UVA will never threaten you; in fact, no reputable institution will ever threaten you in any communication.
  3. Hover over any included links (i.e. hypertext, graphics, buttons) before clicking them. As seen above, the hyperlink text says it will "CANCEL REQUEST IMMEDIATELY", but when you hover over the link, you see that the actual URL takes you away from UVA servers. Clicking this link would make your information and data available to hackers — if there is no match between the apparent URL and the real URL, delete the message.
  4. UVA will never send you a message to which you cannot reply. We will never have an "address that cannot be answered."

Example Spam/Phishing Email Message #2

  1. As phishing and scam emails become more prevalent, hackers can get more creative in their malicious attempts. As shown here, hackers sometimes become aware of legitimate UVA email campaigns and recreate legitimate UVA language. For this reason, it is very important to always read the entire message to ensure its validity.

    *!* This is a reminder of the importance of hovering over URLs before clicking them — the URL that appears to take you to "netbadge.virginia.edu/myaccount/reactivation.html" does NOT take you to a UVA website. Despite this seemingly valid message, there is always a way to find the phish. *!*

  2. Again, hackers will often use legitimate content in an attempt to trick us into clicking the malicious content. Though this email address appears to be a legitimate virginia.edu message, smart users would ignore this trick once they saw the discrepancies between the apparent URL and the real URL above.

In general, trust your gut. If anything about any email message doesn't seem right, check it out before you respond. 

Report an Information Security Incident

Please report any level of incident, no matter how small. The Information Security Office will evaluate the report and provide a full investigation.

Complete Report Form