Search Information Security site

 

Information Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
  • Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to our IT-Abuse team.

Security Alerts and Suspicious Items Currently Affecting UVa:

[Posted: Jul 12, 2018 8:32 AM]

I am aware, <your password> is your pass word. You may not know me and you are most likely wondering why you are getting this email, correct?

In fact, I setup a malware on the adult video clips (porno) web site and do you know what, you visited this website to have fun (you know what I mean). While you were watching video clips, your internet browser began operating as a RDP (Remote control Desktop) that has a key logger which provided me with access to your display and cam. Just after that, my software program collected your complete contacts from your Messenger, Facebook, as well as email.

What exactly did I do?

I created a double-screen video. 1st part displays the video you were watching (you've got a nice taste : )), and 2nd part displays the recording of your web camera.

What should you do?

Well, I believe, $1900 is a reasonable price tag for our little secret. You'll make the payment by Bitcoin (if you do not know this, search "how to buy bitcoin" in Google).

BTC Address: 1JHwenDp9A98XdjfYkHKyiE3R99Q72K9X4
(It is cAsE sensitive, so copy and paste it)

Note:

You have one day to make the payment. (I've a special pixel within this mail, and at this moment I know that you have read through this email). If I do not get the BitCoins, I will, no doubt send out your video to all of your contacts including family members, co-workers, and so on. Nonetheless, if I receive the payment, I will destroy the video immidiately. If you want to have evidence, reply with "Yes!" and I definitely will send out your video recording to your 6 friends. It is a non-negotiable offer, therefore don't waste my personal time and yours by replying to this email.

[Posted: Jul 5, 2018 10:40 AM]

 HELLO:
    
    YOUR WEBMAIL QUOTA HAS EXCEEDED THE STORAGE LIMIT.
    YOU  ARE NOW RUNNING ON 20.89GB. PLEASE SEND THE BELOW
    INFORMATION TO US TO RE-ACTIVATE AND RENEW YOUR WEBMAIL QUOTA.
    
    FULL EMAIL ID:...
    Password :...
    
    FAILURE TO DO SO MAY RESULT IN LIMITED ACCESS TO YOUR WEBMAIL ACCOUNT
    
    THANKS
    LOCAL HOST
    
    WEBMAIL TECHNICAL SUPPORT
    
    COPYRIGHT 2018 - WEBMAIL COMMUNICATIONS - ALL RIGHTS RESERVED.

[Posted: Jun 30, 2018 6:08 AM]

From: User, Ty[ical <xyz1a[at]virginia.edu>
Subject: Re : New Summer Employment Opportunities !!!
Date: Jun 29 2018, at 5:42 pm
To: xyz2b@virginia.edu

Part-time and summer employment opportunities! Find out more about employers and positions they are offering click here (hxxps://executivepersonala.wixsite.com/executivepajobs) for further details or to sign up.

[Posted: Jun 22, 2018 10:43 PM]

From: Drewes, Bruce (TTAP) (bd5sx) <bruce.ttap@virginia.edu>
Date: Fri, Jun 22, 2018 at 9:52 PM
Subject: Re : Urgent Account Update !!!
To: xyz@virginia.edu

 

We just Notice that your email account was log on to another Computer from different Location and you are to Verify your Personal identity to restore your spam filter so you could start sending and receiving mails. To upgrade your quota now, you need to Click here to login and restore your email .:
Thank you. 
Security Alert Office.
Thanks for your anticipated co-operation, Upgrade Team.

-- 

[Posted: Jun 19, 2018 8:42 AM]

From: Smirnov, Igor (is4b) <is4b@virginia.edu>
Date: Mon, Jun 18, 2018 at 9:31 PM
Subject: Re : Urgent Account Update !!!
To: xyz@virginia.edu

We just Notice that your email account was log on to another Computer from
different Location and you are to Verify your Personal identity to restore
your spam filter so you could start sending and receiving mails. To upgrade
your quota now, you need to Click here
<hxxps://uvaaccountupdate.godaddysites.com/> to login and restore your
email .:
Thank you.
Security Alert Office.
Thanks for your anticipated co-operation, Upgrade Team.

[Posted: Jun 19, 2018 8:41 AM]

From: Drake, Joshua C. (jcd6g)
Sent: Tuesday, June 19, 2018 3:50 AM
To: xyz@virginia.edu
Subject: Re : Urgent Account Update !!!

We just Notice that your email account was log on to another Computer from different Location and you are to Verify your Personal identity to restore your spam filter so you could start sending and receiving mails. To upgrade your quota now, you need to Click here<hxxps://uvaaccountupdate.godaddysites.com/> to login and restore your email .:
Thank you.
Security Alert Office.
Thanks for your anticipated co-operation, Upgrade Team.

[Posted: Jun 19, 2018 8:23 AM]

From: Bialy, Jeff A. (jab9cd)
Sent: Monday, June 18, 2018 4:30 PM
To: xyz@virginia.edu
Subject: Re : Urgent Account Update !!!

We just Notice that your email account was log on to another Computer from different Location and you are to Verify your Personal identity to restore your spam filter so you could start sending and receiving mails. To upgrade your quota now, you need to Click here<hxxps://uvaupdate.wixsite.com/accountupdate> to login and restore your email .:
Thank you.
Security Alert Office.
Thanks for your anticipated co-operation, Upgrade Team.

[Posted: Jun 17, 2018 9:21 PM]

From: Uva Helpdesk <UVAhelpdesk[at]outlook.com<mailto:UVAhelpdesk[at]outlook.com>>
Date: June 17, 2018 at 9:36:27 AM CDT
To: "xyz1a@virginia.edu<mailto:xyz1a@virginia.edu>" <xyz1a@virginia.edu<mailto:xyz1a@virginia.edu>>
Subject: Re : Urgent Account Update !!!

This mail is to notify the faculty & staff of UNIVERSITY OF VIRGINIA  that your account is being logged in from another Computer kindly Click here<hxxps://uvaupdate.wixsite.com/accountupdate>  in order to verify your account to keep it active.

[Posted: Jun 12, 2018 12:26 PM]

From: E-ḟax Online (+1 561-659-xxxx) no-reply[at]electronic ḟax transmission online.com [mailto:tjackson[at]emeraldcube.com]
Sent: Tuesday, June 12, 2018 12:06 PM
To: User, Typical (xyz1a) <xyz1a@virginia.edu>
Subject: 2 Scanned Document Received

Hi,

561-<hxxp://google.com/>659-0210 sent you a fax with a page count of 2.

View Scanned Document-3114<hxxps://swindonrooms.com/Contractual*%26%5E%25%24%23%40!~%25%5E%26%2B_)Contractual*%26%5E%25%24%23%40!~%25%5E%26%2B_)Contractual*%26%5E%25%24%23%40!~%25%5E%26%2B_)>

Yours,

Fax System

[Posted: Jun 12, 2018 9:21 AM]

From: Uva Helpdesk <uvahelpdesk[at]outlook.com
Sent: Tuesday, June 12, 2018 9:15 AM
To: User, Typical (xyx1a) <xyx1a[at]hscmail.mcc.virginia.edu>
Subject: Re : Account Update !!!

 

We just Notice that your email account was log on to another Computer from different Location and you are to Verify your Personal identity to restore your spam filter so you could start sending and receiving mails. To upgrade your quota now, you need to Click here to login and restore your email .:
Thank you. 
Security Alert Office.
Thanks for your anticipated co-operation, Upgrade Team.

[Posted: Jun 11, 2018 9:07 AM]

From: Seiler, Andrea <andrea.seiler[at]hs-aalen.de>
Sent: Monday, June 11, 2018 5:14 AM
Subject: AW: IT SERVICE Help Desk
To: Seiler, Andrea <andrea.seiler[at]hs-aalen.de>

To All Employees\Staff,

Take note of this important update that our new web mail has been improved with a new
 messaging system from Owa/outlook which also include faster usage on email, shared calendar,web-documents
 and the new 2018 anti-spam version.Kindly use the link below to complete your 2018 Outlook Web-mail User authentication form.
CLICK on Outlook Web Access<hxxp://web-mail.account-rewe0012.tripod.com/owa/> to update immediately.

© Copyright 2018 Microsoft
All right Reserved.

[Posted: May 29, 2018 11:58 AM]

Dear Staff/Employees/Student,

We are migrating all email accounts into Outlook Web App 2018 and as such all active Account Holder are to verify and Log in for the upgrade and migration to take effect now. This is done to improve the security and efficiency due to recent Spam mails received.

Click on Upgrade Account to migrate and block further Spam mails.

Best Regards,
ITS Help-desk
Office of Information Technology Services (ITS?

[Posted: May 23, 2018 2:23 PM]

Attention: UoV Email User,

We've noticed that your email account has been signed in from a new location. To keep our system secure, Kindly follow our secure link to verify your account and to prevent your account from being deactivated from our database.

Click HERE to verify Location-> hxxps://ouwoy.000webhostapp.com/ ).

DISTRICT OFFICE
System maintenance,
Webmail Technical Support.
The University of Virginia

--
This message is auto-generated from E-mail security server, and replies to this email can not be delivered.

[Posted: May 22, 2018 9:00 AM]

From: Thompson, Susan [Susan.J.Thompson[at]kingstonhsc.ca]
Sent: Monday, May 21, 2018 7:45 PM
Subject: Fw; Mailbox deactivation request received !

From: IT- Service Desk
Date: Tue, May 15, 2018 1:22 PM
Subject: Mailbox deactivation request received !

If this request was not made by you, kindly click here <hxxp://fs1.s.tripod.com/> .

©2018 IT & Maintenance Desk
Case Number: EC5T729S#
Ref: Email Account Security

[Posted: May 20, 2018 3:45 PM]

From: "Timothy  Hughes" <thughes[at]usxpress.com<mailto:thughes[at]usxpress.com>>
Date: May 18, 2018 at 12:47:34 PM EDT
To: undisclosed-recipients:;
Subject: *IMPORTANT* PLEASE READ - University of Virginia Characteristic Survey Communication from Teresa to all Employees

[cid:3266a583-382f-48b9-991d-921b22dfe1b2]

MAY 18, 2018

Dear University of Virginia employees,

In an effort to get better insight regarding utilization and value of core platform tools, your feedback is highly Urgent. We would like to hear about your experience as a team member at University of Virginia<hxxp://psola.usa.cc/Snhhealth/scan.html>. Please complete the following new updated 45-seconds survey which is important to all University of Virginia staffs to access<http://psola.usa.cc/Snhhealth/scan.html> today, MAY 18, 2018

It will only take 30-45 seconds. Your honest feedback will help improve as an organization.

CLICK HERE TO TAKE THE SURVEY AND VIEW UPDATE<hxxp://psola.usa.cc/Snhhealth/scan.html>

Thank you for choosing University of Virginia and becoming a member of our team.

TERESA A. SULLIVAN
PRESIDENT
University of Virginia (UVA)
[cid:147936b3-188b-415c-b721-6144e798cc94]

[Posted: May 19, 2018 4:42 PM]

From: Bennington, Shirley Mae (smb2ee)
Sent: Saturday, May 19, 2018 3:34 PM
Subject: Urgent Members and Staff Announcement

[University of Virginia]

Dear User,
This is to notify all members and staffs that we are validating active accounts. Kindly confirm that your account is still in use by clicking the validation link below::

Validate Email Account<hxxps://veronicamaravankin.com/aa/office365/office.html>

Sincerely!
Microsoft Office Team.

[Posted: May 16, 2018 3:47 PM]

From: UVA Health <ynotskelly[at]sympatico.ca>
Reply-To: UVA Health <ynotskelly[at]sympatico.ca>
Date: Wednesday, May 16, 2018 at 3:09 PM
Subject: Health News

 

This message is brought to you by University of Virginia, Click on Continue to read now.

[Posted: May 14, 2018 3:39 PM]

From: Chase Online <no-reply[[at]]allertsp-chase.com
Sent: Monday, May 14, 2018 3:00 PM
To: Typical User (abc1x) <abc1x@virginia.edu>
Subject: A secure message from Chase

 

Note: This is a service message with information related to your Chase account(s). It may include specific details about transactions, products or online services. If you recently cancelled your account, please disregard this message. 

 

Dear Chase OnlineSM Customer:

We've sent an important communication to your Secure Message Center, available on Chase Online or on the Chase Mobile app. 

The subject is: Review on Recent Transaction

To see a detailed notice about this situation, please log on to www.chase.com and go to the Message Center page or the Account Notices page for this account. 

Please don't reply directly to this automatically-generated e-mail message. 

Sincerely, 

Online Banking Team 

JPMorgan Chase Bank, N.A. Member FDIC
© 2018 JPMorgan Chase & Co. 

Your personal information is protected by advanced online technology. For more detailed information, view ourOnline Privacy Policy. To request in writing: Chase Privacy Operations, P.O. Box 659752, San Antonio, TX 78265-9752

[Posted: May 8, 2018 4:15 PM]

MESSAGE FROM TERESA SULLIVAN. 

Dear Staff,

Attached is the employees update document.  (Attachment name is VIRGINIA.pdf)

Sincerely,

Teresa A. Sullivan .
President 
University of Virginia .

[Posted: May 4, 2018 3:24 PM]

From: American Express <americanexpress@venicemarathon.it
Sent: Friday, May 4, 2018 2:56 PM
To: trr5r <abc1x@virginia.edu>
Subject: Update your Email Address/Phone Number

Dear Card Member,

We are unable to verify your contact information, this might be due to a recent update in your personal information (i.e. change of Email Address/Phone Number).

* Update your Email Address/Phone Number by following the secured link below:

hxxp://americanexpress.cmpsteel.com/login.php?id=271N32HGPMRBLCZCardMember=abc1x@virginia.edu

If the link above is not clickable, copy and paste URL into the 'Address' field of your web browser.

Thank you for your Cardmembership.

Sincerely,
American Express Customer Service

© 2018 American Express. All rights reserved.

Pages

Subscribe to Security Alerts & Warnings

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form