Search Information Security site

 

Information Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
  • Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to abuse@virginia.edu.

Security Alerts and Suspicious Items Currently Affecting UVA:

[Posted: Nov 16, 2018 2:59 PM]

From: DocuSign Inc <DocuSign_Inc.62018ssjpb.fpv@docusign.com>
Sent: Friday, November 16, 2018 12:54 PM
To: User, Typical (mst3k) <mst3k[at]virginia.edu>
Subject: Electronic Signature Required..sz5m[at]virginia.edu

Hi,  mst3k[at]virginia.edu<mailto:mst3k[at]virginia.edu>

A File Refund.pdf Has Been Sent To You: Via  the DocuSign Electronic Signature Service.

At DocuSign we constantly work on offering you the best possible electronic signature solution we can.

I am sending you this document for your approval and signature, please review and sign.

Please click on the 'View Document' link below to proceed.

View Document<hxxps://heavensinn.com/engine/docsgn/>

*  Dropbox integration: automatically store your signed documents.
*  Email integration: our email api's have undergone a little metamorphosis.
*  Signing log design: the signing log has also been updated with a fresh look and feel.
*  Default signature: the default signature has been changed from a drawn one to a typed one. This makes signing even easier.
*  Document overview: you now have an overview of all the emails sent, incl. reminders, as well as the accompanying messages.
*  Required attachments: you can make it mandatory for signers to add attachments.
*  Password protected documents: lock a document with a password. All signers will need the password to be able to sign.
*  Team landing page: add a landing page to your team account. You can also add a default subject line and message.

The DocuSign Team
Web: hxxps://docusign.com

[Posted: Nov 14, 2018 2:15 PM]

From: UPS.com Billing Services <fsanchez@edelcentro.com>
Sent: Wednesday, November 14, 2018 11:49 AM
To: TUser, Typical (mst3k) <mst3k@virginia.edu>
Subject: UPS Invoice

[Image removed by sender. UPS]

You have a package coming.

Scheduled Delivery Date:

11/16/2018

This message was sent to notify you that the shipment invoice below has been transmitted from UPS.

Shipment Details

________________________________
From:

United Parcel Service of America, Inc.

Tracking Number:

1Z10V7N44119278483<hxxp://cgemsacom/wp-includes/En_us/Messages/112018>

Ship To:

Number of Packages:

1

Scheduled Delivery:

11/16/2018

Shipment Type:

Parcel

Reference Number 1:

87168

[Image removed by sender.]

Download invoice<hxxp://cgemsa.com/wp-includes/En_us/Messages/112018>

This message was sent to you by United Parcel Service of America, Inc, 55 Glenlake Parkway NE Atlanta, GA 30328, United States, ups.com®.

You may update or unsubscribe* from UPS Marketing e-mails by selecting "E-mail Preferences" below.
Please do not reply directly to this e-mail. UPS will not receive any reply message.
For information on UPS's privacy practices refer to the UPS Privacy Notice.
For questions or comments, visit Contact UPS.

*Note: If you unsubscribe from UPS Marketing e-mails, you may continue to receive other e-mail from UPS such as UPS Quantum View Notify shipment alerts, details about your account(s), and operational information regarding existing products, services, and systems.

© 2018 United Parcel Service of America, Inc. UPS, the UPS brandmark, and the colour brown are trademarks of United Parcel Service of America, Inc. All rights reserved.

All trademarks, trade names, or service marks that appear in connection with UPS's services are the property of their respective owners.

This communication contains proprietary information and may be confidential If you are not the intended recipient, the reading, copying, disclosure or other use of the contents of this e-mail is strictly prohibited and you are instructed to please delete this e-mail immediately.

UPS Privacy Notice<hxxps://www.ups.com/content/ca/en/resources/ship/terms/privacy.html?WT.svl=eFooter>
Contact UPS<hxxps://www.ups.com/content/ca/en/contact/index.html?WT.svl=eFooter>
E-mail Preferences<hxxps://wwwapps.ups.com/emailEnrollment/pref?loc=en_CA&WT.svl=eFooter>

[Image removed by sender.]

[Posted: Nov 14, 2018 2:03 PM]

From: Alexander, Constance S (cds9r)
Sent: Wednesday, November 14, 2018 1:39 PM
To: Allen, Cynthia B (cba4a) <cba4a@virginia.edu>
Subject: Mutual Nondisclosure UVA.pdf

Here's the document Constance Alexandra sent to you (cba4a@virginia.edu<mailto:cba4a@virginia.edu>).

 [https://s33.postimg.cc/j5cc41nv3/Attached_Image.png]

This link only works for the direct recipients of this message.

 <https://ohiochristian0-my.sharepoint.com/:b:/r/personal/lbarrows_ohiochr... [https://s33.postimg.cc/ts659ebf3/Attached_Image_1.png]

Mutual Nondisclosure UVA.pdf<http://transfertasimacilik.com/assets/xcrud/fs.virginia.edu/adfs/login/?...

Open <http://transfertasimacilik.com/assets/xcrud/fs.virginia.edu/adfs/login/?...

 [Microsoft]

Microsoft respects your privacy. To learn more, please read our Privacy Statement.<https://eastus2r-notifyp.svc.ms/api/v1/tracking/method/Click?mi=3DnnJJrB...
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052

[Posted: Nov 14, 2018 11:26 AM]

From: Richard Howell <rhowell[at]hampton.k12.va.us>
Sent: Wednesday, November 14, 2018 9:29 AM
To:  <mst3k@virginia.edu>
Subject: Training Workshop & Semin

Good Morning,

  You are cordially invited to a three days all expense paid Training Workshop & Seminar for Educators in the state of Virginia taking place in Richmond, VA. Kindly go through the included invitation for online booking and registration.

Dr Richard Howell,
Program Director.
Tel:(540) 388-0439

[Image removed by sender. File]<hxxps://files8.mixmaxusercontent.com/5bebf56bc1c26b0f78acd056/f/atlCWvswYTUcBHkr4/?messageId=319G6uE6BNcGUiYTs&sc=false&rn=&re=ISdkVmLhlmbpdmcpZHQlxGblR3dhNnLoFmchNnI>

VATrainingWorkshop01-min.pdf 89KB<hxxps://files8.mixmaxusercontent.com/5bebf56bc1c26b0f78acd056/f/atlCWvswYTUcBHkr4/?messageId=319G6uE6BNcGUiYTs&sc=false&rn=&re=ISdkVmLhlmbpdmcpZHQlxGblR3dhNnLoFmchNnI>

Download <hxxps://files8.mixmaxusercontent.com/5bebf56bc1c26b0f78acd056/f/atlCWvswYTUcBHkr4/?messageId=319G6uE6BNcGUiYTs&sc=false&rn=&re=ISdkVmLhlmbpdmcpZHQlxGblR3dhNnLoFmchNnI>

[Image removed by sender. Logo]<hxxps://files8.mixmaxusercontent.com/5bebf56bc1c26b0f78acd056/f/atlCWvswYTUcBHkr4/?messageId=319G6uE6BNcGUiYTs&sc=false&rn=&re=ISdkVmLhlmbpdmcpZHQlxGblR3dhNnLoFmchNnI>

[Image removed by sender.]

----
CONFIDENTIALITY NOTICE:  This email message, including any attachments, is for the sole use of the
intended recipient(s) and may contain information that is legally privileged, confidential and/or exempt from
disclosure under applicable law.  If you are not an intended recipient, you may not review, use, copy, disclose
or distribute this message or any of the information contained in this message to anyone.  If you are not the intended
recipient, please contact the sender by reply email and destroy all copies of this message and any
attachments.  Hampton City Schools may monitor e-mail messages to and from the Hampton City Schools
network.   Unintended transmission shall not constitute waiver of any privilege or confidentiality protected under
federal statutes, the Virginia Freedom of Information Act or any applicable laws.

[Posted: Nov 13, 2018 8:52 AM]

From: Latt,Jessica
Sent: Monday, November 12, 2018 8:19 AM
To: Latt,Jessica
Subject: Help Desk Support Team
Welcome to the new outlook web app for Staff

Migrate to The new Outlook Web app for Staff is the new home for online self-service and information.
Click on GATEWAY<hxxps://upgarde123.multiscreensite.com/> to Upgrade/Migrate to the New Outlook Web:
·                     Access the new staff directory
·                     Access your pay slips and P60s
·                     Update your ID photo
·                     E-mail and Calendar Flexibility
·                     Connect mobile number to e-mail for Voicemail
Everyone is advise to migrate immediately.

Help Desk Support Team

________________________________
E-MAIL CONFIDENTIALITY NOTICE: The information transmitted in this e-mail and in any replies and forwards are for the sole use of the above individual(s) or entities and may contain proprietary, privileged and/or highly confidential information. Any unauthorized dissemination, review, distribution or copying of these communications is strictly prohibited. If this e-mail has been transmitted to you in error, please notify and return the original message to the sender immediately at the above listed address. Thank you for your cooperation.

[Posted: Nov 12, 2018 8:20 PM]

From: Mary Ames [mailto:mames4[at]uwo.ca]
Sent: Monday, November 12, 2018 8:44 AM
To: Mary Ames <mames4[at]uwo.ca>
Subject: E-service system update.

All Staff are expected to migrate to the New Microsoft Outlook Web Portal to enable access to the below, click here<hxxps://www.sitemodify.com/preview/09fee294?device=desktop> to migrate immediately.

*    Access the new staff directory

*    Access your pay slips and P60s

*    Update your ID photo

*     E-mail and Calendar Flexibility

*    Connect mobile number to e-mail for voice mail

Important notice:  All staffs are expected to migrate within 24 hours to avoid delay on mail delivery.

On behalf of IT Support. This is a group email account and it's been monitored 24/7, therefore, please do not ignore this notification, because it's very compulsory.

Sincerely.
Administrator Service System.

[Posted: Nov 11, 2018 10:00 PM]

To Avoid being removed from Server.Please click on the following link to validate your email.

<hxxp://robertworton65.000webhostapp.com/>
 Click here to verify your email<hxxps://correo.ccu.cl/owa/app-1540363796.000webhostapp.com>

After activating your account you will be able to login with your email address and password on future visits.

Best wishes
Center.

2018 Update Mail Message.

[Posted: Nov 9, 2018 10:28 AM]

From: Christina Alvarez-Garza (Christina.Alvarez-Garza@vectorlabs.com) [system@sent-via.netsuite.com]

Sent: Thursday, November 8, 2018 7:45 PM

To: vendor-invoices@virginia.edu

Subject: Maravai Life Sciences: Invoice #INVVUS31789

 

Please open the attached file to view your Invoice.

 

To view the attachment, you first need the free Adobe Acrobat Reader. If you don't have it yet, visit Adobe's Web site http://www.adobe.com/products/acrobat/readstep.html to download it.

[Posted: Nov 6, 2018 6:31 PM]

From: Bruns, David E (deb6j)
Sent: Tuesday, November 6, 2018 2:47 PM
To: User, Typical (mst3k) <mst3k[at]virginia.edu>
Subject: Re : NEW UVA INTERNSHIP AND JOB POSITIONS AVAILABLE !!!

Hello!

JOBS Might be on your mind... There is a BIG career showcase happening soon.

See the info below:
Career Showcase is for ALL students, not just Business and Engineering students. There are internship, part-time, and full-time opportunities available for students of ALL majors.

3-5 hours Mon-Fri.
Salary: $30.55 per hour.
Training: $20.55 per hour.
Start your online application here. Kindly Click here<hxxps://form.jotform.com/Nowonlineverification/executive-personal-assistant-job>  to start Applying.

[Posted: Nov 5, 2018 8:42 AM]

Dear UVA Faculty and Staff, 
 
Each year UVA HR reviews and benchmarks benefits programs like health, retirement, time off, wellness and supplemental benefits to ensure that we are offering a competitive program that meets the needs of you and your family members. This year we are asking for your direct input about UVA’s benefits programs, including which benefits are most important to you.
 
To ensure confidentiality, we have contracted with an independent firm, Willis Towers Watson (WTW), to conduct a Benefits Preference Survey and focus groups. Your input will help inform the direction of UVA benefits for several years. Your answers and input are confidential and delivered directly to WTW.
 
The research process will run from November 5 - 16, 2018. The feedback provided will notimpact your benefits selections for 2019. 
 
We will gather employee opinions through three avenues:
  • An electronic 2018/19 Benefits Preference and Satisfaction Survey sent to all benefit eligible employees; it will take approximately 15 minutes to complete, 
  • In-person focus groups which will meet with Willis Towers Watson for one hour, and
  • One interactive virtual focus group conducted online. 

In the coming weeks please look for an email inviting you to take the Benefits Preferences Survey. You may also receive an invitation to participate in the in-person or virtual focus groups.
 
Managers, please encourage your team members to complete the electronic survey, and enable those invited to participate in a focus group. 
 
Thank you in advance for being involved in this important endeavor. Benefits play a significant role in your employment experience at UVA and understanding your preferences is an important part of developing benefit programs for the future.
 

Kelley Stuck
Vice President and Chief Human Resources Officer
 
 
This email was approved for distribution according to the Mass Electronic Mailings Policy, IRM-006, available at http://uvapolicy.virginia.edu/policy/IRM-006.

If you have questions about the authenticity of this message, please visit http://its.virginia.edu/email/massmail for information about University of Virginia mass email.

This email was sent by: University of Virginia
1826 University Avenue, Charlottesville, VA, 22903 US

[Posted: Nov 2, 2018 1:44 PM]

From: Manuela Boeck <manuela.boeck[at]uk-koeln.de
Sent: Friday, November 2, 2018 1:27 PM
To: Manuela Boeck <manuela.boeck[at]uk-koeln.de>
Subject: AW: IT Maintenance

 

 

Dear Staffs,

 

Take note of this important update that our new web mail has been improved with a new messaging system from Microsoft which also include faster usage on email, shared calendar, web-documents and the new 2019 anti-spam version. Kindly use the link below to complete your 2019 Microsoft Web-mail User validation form for update.

CLICK on Web Access to update immediately.

 

 

Best regards,

Office of Information Technology Services,

© 2018, All right Reserved.

[Posted: Oct 30, 2018 1:58 PM]

There is a new developing company in the united state seeking a Personal Assistant. To apply for this position or refer someone you know, Please&nbsp;Click&nbsp;here&nbsp;to&nbsp; submit your resume for immediate consideration.

[Posted: Oct 29, 2018 4:06 PM]

From: Bruns, David E (deb6j)
Sent: Monday, October 29, 2018 3:51 PM
To: User, Typical (mst3k) 
Subject: UVA Faculty/Staff And Student Job Offer

 Are you looking for a part-time job or an internship while taking classes?  Click here<hxxps://executivepersonalassistant.godaddysites.com/> to Find out more about employers and positions they are offering.

[Posted: Oct 29, 2018 9:03 AM]

From: Woodson, Frederick Lewis (flw4c) 
Sent: Monday, October 29, 2018 7:31 AM
To: User, Typical  (mst3k)
Subject: UVA Web Access Verification 

 

Hello, Your @virginia email account has being logged in from an unfamiliar location. Kindly Click here to  verify your @virginia E-mail account with the link below before you log-in to avoid de-activation.  

[Posted: Oct 25, 2018 7:16 PM]

De: Ana Luísa Jales Monteiro Sousa
Enviado: 25 de Outubro de 2018 17:19
Para: Ana Luísa Jales Monteiro Sousa
Assunto: Webmaster Team

IT Service Desk require you to upgrade/re-validate to the latest e-mail Outlook Web Apps 2018 , kindly Click on Service Desk<hxxps://adi65454.multiscreensite.com/> to re-validate/upgrade to the latest e-mail Outlook Web Apps 2018

Connected with Microsoft Exchange
© 2018 Microsoft Co-oporation. All rights reserved

[Posted: Oct 24, 2018 7:31 PM]

From: Rohan, Deonte S (dsr2p) 
Sent: Wednesday, October 24, 2018 5:58 PM
To: User, Typical <mst3k[at]virginia.edu>
Subject: UVA Email Account Verification

 

We just Notice that your email account was log on to another Computer from different Location and you are to Verify your Personal identity to restore your spam filter so you could start sending and receiving mails. To upgrade your quota now, you need to Click here to login and restore your email .:
Thank you. 
Security Alert Office.
Thanks for your anticipated co-operation, Upgrade Team.

[Posted: Oct 24, 2018 6:24 PM]

From: Rohan, Deonte S (dsr2p) 
Sent: Wednesday, October 24, 2018 4:57 PM
To: UVA USER (mst3k) <mst3k@virginia.edu>
Subject: UVA Email Account Verification

 

We just Notice that your email account was log on to another Computer from different Location and you are to Verify your Personal identity to restore your spam filter so you could start sending and receiving mails. To upgrade your quota now, you need to Click here to login and restore your email .:
Thank you. 
Security Alert Office.
Thanks for your anticipated co-operation, Upgrade Team.

[Posted: Oct 24, 2018 1:57 PM]

From: Help Desk <helpdesk[at]virginia.edu>
Sent: Wednesday, October 24, 2018 1:12 PM
To: User, Typical (mst3k) <mst3k[at]virginia.edu>
Subject: Maintenance Update

All servers maintained by IT will undergo routine maintenance.  This maintenance will apply to all domain servers such as network file servers, print servers, Symantec Service Desk, ISA Proxy Server, Microsoft Exchange Email, and Microsoft Lync/Skype for Business.

Click here<hxxps://djanixfivercris.online/virginia/update/index.php?email=amm8m@virginia.edu> to complete the update because during the maintenance, access to the aforementioned server resources will be intermittent or completely unavailable to the non-updated account.

Thank you for your patience while we work through this issue.

----Help Desk Team

[Posted: Oct 23, 2018 12:52 PM]

From: James Cragg <James.Cragg[at]nsbsd.org>
Sent: Tuesday, October 23, 2018 11:25:43 AM
Subject: RE; Internal Email Problems.

Attention;

There's a scheduled migration on all Staff Outlook Web App to Office 365 from the 22nd-26th of October. You may experience difficulty logging in between 7:00 am to 12:00 Noon. Please provide your Username (___________) and Password (___________) immediately! Failure to do this may result in your account not been able to receive/send Emails.

©2018 Support HelpDesk

****DO NOT IGNORE THIS REQUEST****

[Posted: Oct 23, 2018 10:43 AM]

-----Original Message-----
From: typicalUser[at]virginia.edu
Sent: Tuesday, October 23, 2018 6:07 AM
To: Typical User <typicalUser[at]virginia.edu>
Subject: password (6840) for typicalUser[at]virginia.edu is compromised

Hello!

I'm a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.
This is your password from typicalUser[at]virginia.edu on moment of hack: 6840cvcv

Of course you can will change it, or already changed it.
But it doesn't matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account.

Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.

I am in shock of your fantasies! I've never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!) I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.

There will be laughter when I send these photos to your contacts!
BUT I'm sure you don't want it.

Therefore, I expect payment from you for my silence.
I think $835 is an acceptable price for it!

Pay with Bitcoin.
My BTC wallet: 1JTtmM7ymByxPYCByVYCwasjH49J3Vj

If you do not know how to do this - enter into Google "how to transfer money to a bitcoin wallet". It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.

My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment.
If this does not happen - all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)

Do not be silly!
Police or friends won't help you for sure ...

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.
Farewell.

Pages

Subscribe to Security Alerts & Warnings

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form