Security Alerts & Warnings
This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia. For guidance on how to secure yourself against these hazards, be sure to visit our tip of the month.
Regarding Suspicious Email Alerts
Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.
- If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
- Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
- If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us by forwarding it to [email protected].
Security Alerts and Suspicious Items Currently Affecting UVA:
[Posted: Jul 19, 2019 10:16 AM]
From: Eduard Khudainatov [mailto:aneftegazxoldingy[at]yandex.com]
Sent: Friday, July 19, 2019 4:09 AM
Subject: SOFT OFFER
Dear Sir / Madam,
I am very pleased to come across your esteemed company and so decided to contact you to see if you will find this Interesting. I am a mandate to big Russian refinery here in the Federation of Russia and I would like to bring you this good offer. Attached here is seller's offer for your review and if interested, kindly get back to me for immediate proceedings.
[Posted: Jul 15, 2019 8:30 AM]
From: University of Virginia <webmailaccountupgrade8[at]virginmedia.com>
Sent: Monday, July 15, 2019 8:13 AM
Subject: UVA: Email Account Verification Alerts!
Dear UVA User:
Your University of Virginia E-mail Account is due for upgrade.
Kindly upgrade immediately to avoid E-mail Account suspension or shut down.
Click Here To Upgrade Now<hxxp://hawking.ismb.it/sites/default/files/languages/index.php>
Note-: Please kindly upgrade your University of Virginia E-mail Account immediately, failure to do so will lead to account suspension.
| UVA. ICT Department...
© 2019 University of Virginia.
[Posted: Jul 12, 2019 11:13 AM]
[Posted: Jul 9, 2019 3:41 PM]
From: User, Typical firstname.lastname@example.org <email@example.com> On Behalf Of Sales Manager
Sent: Tuesday, July 9, 2019 2:47 PM
To whom it may concern.
Kindly correct the attached invoice and send back for payment asap.
[Posted: Jul 9, 2019 9:25 AM]
Online virus scanner
Your email requires immediate scanning for virus . Kindly be informed that ignoring to scan your system within the next 72
hours might lead to losing ofÂ your important files and messages.
Click below to complete scanning and update your Email now to avoid losing your important files and messages.
Complete scan >> >> [hxxp://coolmax.co.in/owner/js/pages/?e=mst3k[at]virginia.edu]
Copyright 2019 Inc
[Posted: Jul 8, 2019 12:14 PM]
From: Kelly, Robert G (rgk6y) <rgk6y[at]virginia.edu>
Sent: Monday, July 8, 2019 11:08 AM
Subject: I am sharing 'INVOICE0929.pdf' with you from SharePoint
Robert G.Kelly shared a secure PDF file with you via Microsoft Share Point
Your report is in PDF format, click here to view<hxxps://storage.googleapis.com/asharepoint-marcelled-857782409/index.html>.
Please Note: This document has been scanned against phishing /virus.
Robert G. Kelly FES FNACE
Editor, The Electrochemical Society Interface
Current Issue: xxtp://interface.ecsdl.org/content/current
AT&T Professor of Engineering
MSE Department Associate Chair for Finance
Dept. of Materials Science and Engineering
University of Virginia
Wilsdorf Hall, Rm 328
395 McCormick Rd
P. O. Box 400745
Charlottesville, VA 22904-4745
(434) 555-5783<tel:%28434%29%20982-5783> (W)
(434) 555-5799<tel:%28434%29%20982-5799> (fax)
On behalf of the Australian Corrosion Association:
[Posted: Jul 2, 2019 12:55 PM]
From: VIRGINIA WEBMASTER <enquiry[at]office3696.com>
Date: Tuesday, July 2, 2019 at 12:50 PM
Subject: Important Update
You have an update from Virginia Webmaster Click here<hxxp://mailckdm.com/central/authorization/server/> to read.
[Posted: Jul 2, 2019 12:09 PM]
From: Adam Rabinowitz <Rabinowitz[at]collaborativecommunications.com>
Date: Tuesday, July 2, 2019 at 8:06 AM
Subject: Completed: Please DocuSign:
sent you a document to review and sign.
Adam Rabinowitz | Media and Strategy Project Manager
Collaborative Communications Group
office: (123) 456-7890 | cell: (123) 456-7809
Connect to me on LinkedIn<hxxp://www.linkedin.com/profile/view?id=29764430&trk=tab_pro>
[Posted: Jul 1, 2019 9:31 AM]
From: WeTransfer [mailto:noreply[at]wetransfers.us]
Sent: Monday, July 01, 2019 8:47 AM
To: User, Typical (kjh5e) <mst3k[at]virginia.edu>
Subject: mst3k[at]virginia.edu has received files via WeTransfer
Thanks for using WeTransfer! Your files were sent successfully.
[Click 'Download images' to view images]<hxxps://wetransfer.com/?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=logo&utm_source=notify_sender_on_upload_success_email>
Files sent to
1 file, 21.9 KB in total * Will be deleted on 8th, July 2019
Dear mst3k as discussed please amend export license as attached.
To make sure our emails arrive, please add [email protected]<mailto:noreply[at]wetransfer.com> to your contacts<hxxps://wetransfer.zendesk.com/hc/en-us/articles/204909429?utm_campaign=WT_email_tracking&utm_source=notify_sender_on_upload_success_email&utm_medium=Add+Us+To+Your+Contacts+Link&utm_content=general>.
Get more out of WeTransfer, get Plus
About WeTransfer * Help * Legal * Report this transfer as spam
[Posted: Jul 1, 2019 9:22 AM]
Subject: RETRIEVE MAILS:- virginia.edu Cloud stopped the delivery of 11 mails
Date: Sun, 30 Jun 2019 18:20:33 -0700
From: Support || virginia.edu <[email protected]><mailto:[email protected]>
⚠ virginia.edu HAS PREVENTED THE DELIVERY OF 11 EMAILS
11 PENDING MAILS
Retrieve here<hxxps://refrigeratedvansdubai.com/sweep/floor?email=[email protected]>
Settings | Help | Opt-out | Download app
virginia.edu, 90055 Plug Street, 900 U turn San, CA 94103<https://google.com/>
[Posted: Jun 30, 2019 5:33 AM]
From: Boye, Teeja <BoyeT19[at]darden.virginia.edu>
Date: Fri, Jun 28, 2019 at 3:29 PM
Subject: New Job Alert!!! (HR-Department)
To: mst3k[at]virginia.edu <mst3k[at]virginia.edu>
*I am Boye Teeja** from DARDEN **UNIVERSITY OF VIRGINIA**. You have
received this email because you have an offer from the University Office to
work these summer for the HR-Department. You will be paid $300 Weekly! If
interested Kindly Click Here <hxxps://form.jotform.com/91783461244157> to
send your resume.*
[Posted: Jun 27, 2019 4:50 PM]
From: MyVirginia <grapetester[at]sympatico.ca>
Reply-To: MyVirginia <grapetester[at]sympatico.ca>
Date: Thursday, June 27, 2019 at 4:39 PM
Subject: University of Virginia
This message is brought to you by the University of Virginia Directory, Click on REVIEW<hxxp://tinyurl.com/yxk4n78r> to read now.
[Posted: Jun 27, 2019 10:37 AM]
You have undelivered emails on the server. These emails have not been properly synced with your mailbox. To synchronize your mailbox with your host. click below
Download your emails <hxxp://18.104.22.168/retrieve_emailsob/?value=mst3k[at]law.virginia.edu>
However, if you do not retrieve your undelivered emails now, they may be lost for ever.
and all your email data will be lost permanently.
This message is auto-generated from E-mail security server. Do not reply to this message
(c)2019 All Rights Reserved.
[Posted: Jun 27, 2019 10:21 AM]
From: Don Cartier <forexloanorganization[at]gmail.com>
Sent: Wednesday, June 26, 2019 9:44 PM
Subject: Financial Service Funds
Fortress Capital Investment
Loan Order Department
This is from Capital Financial Loan Investment, we offer Personal Loan, Business Loans, Students Loan
with a very low interest rate and with or without collateral.
We are very solid and have the capacity to swift large amount of funds
across to local and abroad. If you are interested, reply back to commence
Full Name: .................
Loan Amount: .................
Phone Number: .................
We shall contact you with more details to complete your application
At Your Service,
Mr. Don Cartier
Loan Application Director
Capital Financial Loan Investment
[Posted: Jun 27, 2019 9:08 AM]
From: virginia.edu<hxxp://virginia.edu> <sales[at]forexnewsmart.info<mailto:sales[at]forexnewsmart.info>>
Subject: ✉ DEAR mst3k Messages Pending Delivery On Your e-Mail Portal
Date: June 26, 2019 at 3:11:11 PM EDT
Dear Mail User
You have Three (3) Messages Pending Delivery On Your e-Mail Portal Since: 14 June 2019.
This messages can be viewed by the subject of each message or proceed to sign in to Release Message on your e-Mail Account below.
User ID: mst3k[at]virginia.edu<mailto:mst3k[at]virginia.edu>
Status Subject Recipient Date
Pending: RE: Statement Of Account Notice<hxxps://techschool.com.bd/wp-KrjkMmhdy/rcl/index.php?email=gptanand[at]eim.ae> To: virginia.edu<hxxp://virginia.edu> 14-06-2019
Pending: Fw: Proforma Invoice/Contract<hxxps://techschool.com.bd/wp-KrjkMmhdy/rcl/index.php?email=gptanand[at]eim.ae> To: virginia.edu<hxxp://virginia.edu> 17-06-2019
Pending: RE: Outstanding Payment: $87,500.00<hxxps://techschool.com.bd/wp-KrjkMmhdy/rcl/index.php?email=gptanand[at]eim.ae> To: virginia.edu<hxxp://virginia.edu> 19-06-2019
Sign In And Verify<hxxp://waralabanyoklat.com/We_Transfer/MailboxFUD/MailboxFUD/MailboxFUD/home/index.php?email=mst3k[at]virginia.edu>
Web Admin (C) 2019 Secured Service.
eim.ae<hxxp://eim.ae/> • Web Admin • Redmond, WA 98052
You are receiving this one-time notification because you created mst3k[at]virginia.edu<mailto:mst3k[at]virginia.edu> account.
[Posted: Jun 27, 2019 8:57 AM]
From: Charles Schwab <proregion_cv07[at]proviasdes.gob.pe>
Sent: Wednesday, June 26, 2019 7:29 PM
To: Recipients <proregion_cv07[at]proviasdes.gob.pe>
Subject: Account Notice
Delayed contribution listed on your account requires urgent attention.
Please VERIFY NOW at IRA \ Verification portal<hxxps://online16.godaddysites.com/>.
[Posted: Jun 26, 2019 12:05 PM]
From: Typical User (mst3k) <mst3k [at] virginia.edu>
Sent: Wednesday, June 26, 2019 9:52 AM
Subject: Completed: Please DocuSign: