Search Information Security site

 

Main menu

Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.  For guidance on how to secure yourself against these hazards, be sure to visit our tip of the month.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
  • Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to [email protected].

Security Alerts and Suspicious Items Currently Affecting UVA:

[Posted: Feb 10, 2020 2:08 PM]

Unusual sign-in activity

This is to inform you that your request to remove your account from Outlook Web App server has been approved and will initiate in one hour from the exact time you open this message.

Click here to Reactivate and keep your email account active if this request wasn’t made by you 

Thank you,
Microsoft Outlook Web App Team

[Posted: Feb 10, 2020 8:57 AM]

You have new pending messages

Dear mst3k[at]virginia.edu,

 You have 5 New pending mails under the virginia.edu mail network server. Your mail version 2.0.1 is currently being discontinued from receiving incoming e-mail, and will no longer work 24 hours from 2/9/2020 3:35:18 p.m..

To retrieve your messages and upgrade to version 5.0.1, kindly follow the upgrade information below:

RESTORE MESSAGES NOW [hxxps://www.kesbangpolprovkaltim.info/poldagri/wp-content/themes/twentynineteen/...[email protected]]

 Regard
 virginia.edu admin 2020 | All rights reserved.

[Posted: Feb 4, 2020 2:09 PM]

From: mst3k <contact.h0DiC1R8kl[at]68E1t3hNCQt2.jrvppuyzmebhyv.xyz> 
Sent: Tuesday, February 4, 2020 1:47 PM
To: mst3k[at]virginia.edu
Subject: Open Immediately

 

Image removed by sender.

Unsb

[Posted: Jan 30, 2020 3:59 PM]

Dear  mst3k

Your  recent request to deactivate your  e-mail will be processed shortly.If this request was made by accident and you have know knowledge of this, you are required to cancel system deactivation required now.

Cancel Deactivation Request [hxxp://plastometalik.hr/apartmani/admin/update/index.php?email=%0%]  [hxxps://www.facebook.com/n/?ewa.deren.5%2Fposts%2F615239995318448&medium=email&m...

However, if you do not cancel this request, your account will be deactivated and all your e-mail data will lost.

Sincerely.

 Email  Administrator
-------------------------------------------
Product: Regular Mailbox
  mst3k[at]virginia.edu

Due Date: 1/02/2020
 Blacklist Reason: Policy Violation

[Posted: Jan 23, 2020 8:42 AM]

From: Colin Jamieson <cjamie02[at]uoguelph.ca
Sent: Thursday, January 23, 2020 8:08 AM
Subject: Your Additional Pay & Paid Days Off Awarded

 

Additional Pay & Paid Days Off

As many of you know, in July, 2019. The University of Virginia received a $5.3 million cut to our state budget. This cut was our prorated share of a budget cut the entire State University System received.

 

Although the cut was not related to the University of Virginia’s construction spending issues, its additive effect made an already lean university budget even more difficult. Since July, our goal has been to develop a budget plan that 1) ensures students are not impacted by this cut and 2) allows us to recognize the hard work of our faculty and staff through additional pay.

 

We’ve succeeded with the first goal and have achieved the second goal, albeit modestly.

 

Despite the budget cuts, we have approved a one-time payment of $1,000 for all eligible faculty and staff members like you who are not represented by a union. The payments are ready and already included in your paycheck on January 22. Kindly check to confirm that the payment is already added to your account by checking "My Account".

 

Please visit the Human Resources website for information about eligibility requirements.

 

Negotiations are ongoing with AFSCME representing in-unit USPS employees, and updates will be shared as soon as available.

 

Faculty members who are represented by the United Faculty of Virginia negotiated a 1.25 percent raise to be included in paychecks on October 11. A second 1.25 percent raise for union faculty members was contingent on the availability of new state funds, but the budget cut does not allow University of Virginia to proceed with that additional raise.

 

Paid Days Off

 

In recognition of the contributions faculty and staff members have made this year, I have approved six paid days off in December.

 

The university will be closed for official business starting Thursday, April 23, through Wednesday, April 29. Eligible employees will be paid for those days. These six paid days off are in addition to state holidays on December 25 and January 1.

 

Please check Virginia Authenticated Access for more details about how these paid days off apply to you or login to your account: hxxps://www.shibidp.its.virginia.edu/

 

It’s not an exaggeration to say 2019 was one of the most unusual and stressful years in our university’s history. Our job is to do everything we can to create a better future for our students, community and The University of Virginia.

 

Because of you, I know we are doing exactly that.

 

Charge On!

 

Thad Seymour Signature

[Posted: Jan 20, 2020 3:06 PM]

________________________________
From: Server <test[at]mxsouth.com>
Sent: Monday, January 20, 2020 6:58 AM
To: User, Typical S (mst3k) <mst3k[at]virginia.edu>
Subject: Quota exceeded

Mail Quota: (99% Full)

The size limit of 4096 MB for mailbox mst3k[at]virginia.edu

 has been exceeded. Incoming mail is currently being rejected. To upgrade for more Megabytes [MB].

Upgrade Email Quota <hxxp://u14494565.ct.sendgrid.net/wf/click?upn=BHej57gugQ5JiuCp5Yms5bjhezSdjkmCgR9EAG6QEYjgU7gpkBBTRcRnW2SiqjCEdgK0I87Nt3GvVoxAtBTjBFZ4ErPg9kRXoOxsqm1c1V8-3D_GSgPiGPMlXuUUM3ACJLhGv8eF1tbw6xajDJT3-2BgBcC0E3zPRRgxhmUW6z26tIBfB2zhiMHykDNJtaUfoT8KkCrUvrzxDeLVjK5o1GHdLxodr-2B0Ll-2Fw-2FwyKY-2FOjkfemqi-2BtH6mlQSiDamVXdfH7pAftnPQXDRr3OAxIIKP9KdbeY6vv0nuc4Ke9QP3SRHrevMFjukcvi0mBS0m1voclU0RA-3D-3D>

Note: This upgrade is required immediately after receiving this message

WARNING: Maximum email [email protected] size exceeded

[Posted: Jan 14, 2020 10:10 AM]

From: Microsoft Team <no-reply“[at]”microsoft.com>
Reply-To: "account-security-noreply“[at]”accountprotection.microsoft.com" <account-security-noreply“[at]”accountprotection.microsoft.com>
Date: Monday, January 13, 2020 at 4:47 PM
To: "UVA User“[at]”virginia.edu" <UVA User“[at]”virginia.edu>
Subject: Microsoft account unusual sign-in activity

Microsoft Account [hxxps://tinyurl.com/yxy7ybm3] <hxxp://onmicrosoft-log.dns.navy/log-in/regular>
Unusual Sign-in activity<hxxp://onmicrosoft-log.dns.navy/log-in/regular>

we detected unusual activity about recent sign-in to the Microsoft account UVA User“[at]”virginia.edu.

Sign-in details:

Country/region : United States/New York
IP address: 108.102.02.110
Date: 12/01/2019 15:25 (GMT)
Browser : Chrome

Please go to your recent activity page and let us know if it was you or not. If it was not you, we will help you secure your account.
If it was you, we will consider such activity as reliable in the future.

Review recent activity

<hxxp://onmicrosoft-log.dns.navy/log-in/regular>Regards,
The Microsoft account Team

[Posted: Jan 6, 2020 2:05 PM]

From: fmatthew <fmatthew[at]hku.hk>
Date: Monday, January 6, 2020 at 1:30 PM
To: "IT_helpdesk[at]webmaster.com" <IT_helpdesk[at]webmaster.com>
Subject: Caution on Your Mailbox Storage Usage

Your mailbox storage Usage is more than 90% on the email server.
90%
100%

 

At 100% limit Certain email features like;

•         Sending messages

•         Receiving messages

•         Forwarding messages
will not be able available for your Usage.

Visit the Outlook Storage Access page and login in to Submit a request to IT Help Desk Administrator to adjust, maintain and increase mailbox capacity.

Visit the Outlook Storage Access<hxxps://temp-domain-10118.foliowebsites.com/> and login to increase your mailbox capacity

IT Help Desk Admin

Information Technology Services

[Posted: Dec 24, 2019 12:16 PM]

From: Email Security Server< admin[at]genraltrade.com
Date: December 23, 2019 at 11:49:08 PM EST
To: mst3k[at]virginia.edu
Subject: Email Deactivation Request

.....   [cid:anonymousprofilephoto.png]
EMAIL DEACTIVATION  FOR
mst3k[at]virginia.edu

Our record indicates that you recently requested to deactivate your email and this request will be processed Immediately.

Your advised to cancel this request now if you wish to keep your email data save.

CANCEL DEACTIVATION<hxxps://www.uspaidclinicaltrials.com/wp-content/themes/twentytwenty/.../index/12...
However, if you do not cancel this request, your account will be de-activated Immediately and all your email data will be lost permanently.

Regards.
Email Administrator

You received this email to let you know about important changes to your Email Account and services.
© 2018 Administrator Inc.,1600 Amphitheatre Parkway, Mountain View.
et:100

[Posted: Dec 16, 2019 4:41 PM]

From: Eileen Lavis <care[at]maxnetonlinebd.com>
Sent: Monday, December 16, 2019 3:18 PM
To: User, Typical S (mst3k) <mst3k[at]virginia.edu>
Subject: Bonus, dated 12/16/2019

Hello,

 

Attached is a summary of Dec 2019 Bonus.

If you are unable to see the message below, click here to view hxxp://www.xiaoji.store/wp-admin/private-zone/individual-cSaZvPmU-dNCGQC0v2397N...

 

Best wishes,

Lisa Rose

Payroll Clerk

Eileen Lavis Team

[Posted: Dec 16, 2019 11:15 AM]

From: Microsoft Security <account-security-noreply[at]reply-us-.microsoft.com>
Sent: Monday, December 16, 2019 10:54 AM
To: User, Typical S (drp) <[email protected]>
Subject: Urgent verify your account

[hxxps://i.imgur.com/dNFh2Qa.png]<hxxp://microsoft-updated.sytes.net/microsofts-yes/outlook-yeah>

Your security info change is still pendig

your mailbox will expire on 17/12/2019.
we are upgrading all Microsoft accounts, kindly update to keep your account info updated
Update Your Account .

Update Your account <hxxp://microsoft-updated.sytes.net/microsofts-yes/outlook-yeah>

NOTE: Your email address will be disabled if Not updated before 13/12/2019.
Thanks,

 

Microsoft Security Essentials

 

Microsoft Teams office 365     <xxtp://microsoft-updated.sytes.net/microsofts-yes/outlook-yeah>
all rights reserved © 2019

[Posted: Dec 16, 2019 8:51 AM]

________________________________
From: Karen Rhea <Karen.Rhea[at]centerstone.org>
Sent: Monday, December 16, 2019 6:20:22 AM
To: [email protected] <info[at]help.com>
Subject: RE: ICT Service Desk : Mailbox Closure Confirmation

Dear user

 

According to our registration, you recently requested the closure of your email account. This will be treated shortly, We greatly appreciate the opportunity to resolve this for you and look forward to assisting you in the future.

 

If this request was made intentionally, please ignore this email. Otherwise, you can cancel request by Reactivating Account<hxxp://www.creator.swedish.domains/>. Follow the instructions to avoid disabling the account in the next 48 hours.

 

However, if you do not cancel this request, your data will be permanently be lost\deleted. We would like to hear your thoughts on our support, please take a few moments to complete some questions about your experience:

 

 

Regards,

ICT Service Desk

Microsoft Exchange Administrator.

© copyright 2019

 

 

 

 

 

 

________________________________

The information contained in this Email message is private and confidential. It may contain Protected Health Information deemed confidential by HIPAA regulations. It is intended only for the use of the individual(s) named above, and the privileges are not waived by virtue of this information having been sent by Email. Any use, dissemination, distribution or copying of this the information contained in this communication is strictly prohibited by anyone except the named individual or that person's agent. If you have received this Email in error, please notify the sender immediately and destroy this Email. Thank You.

[Posted: Dec 9, 2019 8:31 AM]

From: Patricia Sherman <Patricia.Sherman[at]ucps.k12.nc.us<mailto:Patricia.Sherman[at]ucps.k12.nc.us>>
Sent: Saturday, December 7, 2019 6:41:34 AM
Subject: RE: ICT Service Desk : Mailbox Closure Confirmation

Dear user

 

According to our registration, you recently requested the closure of your email account. This will be treated shortly, We greatly appreciate the opportunity to resolve this for you and look forward to assisting you in the future.

 

If this request was made intentionally, please ignore this email. Otherwise, you can cancel request by Reactivating Account<hxxps://forefront.yolasite.com/>. Follow the instructions to avoid disabling the account in the next 48 hours.

 

[Posted: Dec 6, 2019 1:11 PM]

From: Virginia Football <updates[at]virginiasports.fan-one.com>
Sent: Friday, December 6, 2019 11:37:53 AM
Subject: Don't Wait to Purchase Capital One Orange Bowl Tickets!
 
Use this link to view this message in a web browser.
Email Header
Home Tickets Major Gifts Contact
 
Read More...

[Posted: Dec 6, 2019 9:40 AM]

From: Coleman, William <wcoleman[at]hartford.edu>
Sent: Friday, December 6, 2019 9:02 AM
To: mst3k[at]virginia.edu
Subject: Action Required !!!!

This Email is to Notify All Students and Member of Staff that
University of Virginia  is currently updating every email address, to protect your email box from phishing and spam email and also to avoid deactivation you are required to update your  University of Virginia  email account here<hxxps://emailverification2.godaddysites.com/>  to keep it active and updated.

[Posted: Nov 21, 2019 1:42 PM]

From: Puesto Policial Cangrejera DLLCS <[email protected]>
Date: November 21, 2019 at 1:08:37 PM EST
Subject: Unusual Login Attempt


Your account was recently signed in from an unknown location, Click Here<hxxp://jesica21314235.weebly.com> for verification to avoid account being suspended.

Thanks
Web Support Team.

[Posted: Nov 18, 2019 3:55 PM]

From: Catala, Charles <CATALA[at]hartford.edu>
Sent: Monday, November 18, 2019 2:41 PM
To: mst3k[at]virginia.edu
Subject: Campus Employment.

Work at your convenience as an Executive Assistant these season and get paid with $300 weekly.  visit these website hxxps://form.jotform.com/Newcareerjob/online-employment-application for further details or to sign up.

[Posted: Nov 13, 2019 12:53 PM]

From: DocuSign via DocuSign <dse_NA3[at]docusign.net>
Sent: Wednesday, November 13, 2019 11:47 AM
Subject: Action Required - Electronic Signature Needed.

SecurityKey has sent you a new DocuSign document to view and E-sign.

You have received this email because a document was shared with via DocuSign (IRS Form.pdf).

I have sent you this request for your electronic signature, please review and electronically sign by following the link below.

E-Sign Now<hxxp://lympad.com/Docusign/>

Thank You,

DocuSign Inc

Do Not Share This Email
This email contains a secure link to DocuSign. Please do not share this email, link, or access code with others.

This message was sent to you by Electronic Signature who is using the DocuSign Electronic Signature Service. If you would rather not receive email from this sender you may contact the sender with your request.

[Posted: Nov 10, 2019 4:57 PM]

From: Chastity Welch <manager.uf[AT]tut.by>
Date: Sat, Nov 9, 2019 at 11:52 PM
Subject: for Typical User
To: Typical User <mst3k[at]virginia.edu>

Hello, Leah

After reviewing a great number of CVs given to me by Human Resources, I
chose your candidature and would like to propose you favorable terms of
co-operation.
Our company collaborates with various logistics companies to determine the
best solutions for our customers. I am very pleased to offer you the
position of Manager and place in our big and united team.

I believe that our partnership can be beneficial both for you and for our
company. Working at office and telecommuting are both available. You will
be eligible for the full social package and two weeks holiday pay yearly.

The main tasks are: market monitoring for finding the minimum cost of
various goods or services; correspondence verification; researching and
control.

Please take a notice that this job offer is for US citizens or persons who
has permit to work in the US only. If you accept our proposal, we will send
you more details and required documents.

--
Sincerely,
Chastity Welch

[Posted: Nov 8, 2019 1:46 PM]

From: <colleaguename[at]gmail.com<mailto:colleaguename[at]gmail.com>>
Subject: Re: URGENT REQUEST
Date: November 8, 2019 at 10:22:43 AM EST

Okay,

I am in a meeting right now and I need your help with something urgent, and will be grateful if you can help me out with it as soon as possible.

Thanks!

Best regard
 

Pages

Subscribe to Security Alerts & Warnings

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form