Search This Site


Main menu

Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.  For guidance on how to secure yourself against these hazards, be sure to visit our tip of the month.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
  • Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to

Security Alerts and Suspicious Items Currently Affecting UVA:

[Posted: Apr 5, 2021 8:53 AM]

From: <verifier [at ]
Sent: Saturday, April 3, 2021 2:58 AM
To: mst3k [at]
Subject: Confirm Your Mailbox



Confirm Your Mailbox




Hi mst3k,


We suspect a suspicious activity on your mailbox from different IP address.

For security reasons confirm your mailbox, this link will expire in 48 hours


Confirm mailbox




[ ] for © 2021 All rights reserved  

[Posted: Apr 5, 2021 8:39 AM]

From: Stephen Schindler <chrisrolando117 [at]>
Sent: Monday, April 5, 2021 7:24 AM
Subject: Private Tutor Needed


My name is Stephen Schindler. I came across your email on the University of Virginia, Department of Proto-European Languages Directory. I'm looking for a private tutor for my daughter. She is 17 years old.
I understand that you might not have time for tutoring due to your position in the department and the consequent busy schedule. If that's the case, I'd appreciate it if you could help put me in contact with a person(s) who might be interested.
The lesson would be held online over Zoom or a similar platform.

Hope to hear from you soon.


[Posted: Apr 3, 2021 6:28 PM]

From: <mst3k [at]> on behalf of Microsoft account team <noreply [at]>
Reply-To: Microsoft account team <noreply [at]>
Date: Saturday, April 3, 2021 at 7:32 AM
To: "mst3k [at]" <mst3k [at]>
Subject: Microsoft account team

Microsoft 365

Dear, mst3k,

Your account of mst3k [at] will be disconnected from sending or receiving mails from other users. because you failed to resolve errors on your mail. You need to resolve the errors or your account will be disconnected.
Follow the instruction below to resolve now.

RESOLVE ISSUE NOW<hxxps:// [at]>

Sincerely, Regards.
©Microsoft Security Team.

[Posted: Mar 25, 2021 9:12 AM]

rom: Mailserver <registrar [at]>
Sent: Thursday, March 25, 2021 3:33 AM
To: User, Typical S <mst3k [at]>
Subject: FINAL WARNING; ️ ACCOUNT TEMPORARY BLOCKED - ️(5) New Pending Mails mst3k [at]


Outgoing Mail Error - 5 Incoming Mails Pending



Dear rp9d

Your e-mail storage is 99% full and cannot recieve all your incoming mails

Due to this error, 5 new mails you sent from :<mailto:mst3k [at]> are stuck in Server.

See below to recieve and re-send all pending emails back

Release Emails<hxxps:// [at]>

This is a mandatory message to<> webmail service on

[Posted: Mar 23, 2021 10:39 AM]

From: Lecompte, Yzaak <>
Sent: Tuesday, March 23, 2021 9:13 AM
Subject: Missed +Call  {Verizon@Verizon+177-887-Telephone-USA.


Hi ,

Your Caller just left you a message find details below

Audio Note from : [+178-5678].Caller-ID

Audio Length: 0:48 sec   listen to note<xxxx://>

Call Time: Tuesday, 23 March 2021 (GMT-10)

Reception Domain: Verizon Microsoft Call Service.


In Service for Verizon Tele Service and Delivery 2021.

[Posted: Mar 22, 2021 1:55 PM]

From: [mailto:abconstrucciones [at]]
Sent: Monday, March 22, 2021 12:25 PM
To: User, Typical S (mst3k) <mst3k [at]>
Subject: mst3k [at] Notification 3/22/2021 4:24:45 p.m.


Mail Verification

Dear  mst3k

The password of your email account  mst3k [at]<mailto:uva-id [at]>  will expire on 18/03/2021

To continue using your uva-id [at] <mailto:mst3k [at]> kindly re-confirm ownership below.

Re-confirm Password<hxxps:// [at]>


Thanks,<hxxp://> Web Administrator



[Posted: Mar 16, 2021 4:00 PM]


Zero-Day flaw in the Chrome web browser for Windows, Macintosh, and Linux computers

A zero-day flaw has been found in the Chrome web browser used on Windows, Macintosh, and Linux computers. The flaw (CVE-2021-21193) ranks 8.8 out of 10 on the CVSS vulnerability-rating scale, making it high-severity. The flaw is exploited if a user is running Google Chrome and clicks on a malicious link that goes to a specially crafted website that exploits the flaw (for example, by executing malicious code or even cause a denial-of-service attack on the system).

Google has released an update that addresses this vulnerability (version 89.0.4389.90). Most Chrome browser will auto-updated and the update requires the browser to be restarted.
Considering the disclosed vulnerabilities, you should update your Chrome browser to the latest version (at least 89.0.4389.90) as soon as possible.  This update includes 5 security fixes.

Double-check your Chrome Browser is up-to-date

Chrome will in many cases update to its newest version automatically.
However, we recommend you double-check if the update has been applied.

In Chrome, click on Settings  then About Chrome

If an update is available, Chrome will show that here and then start the download process. When it's completed, it will ask to relaunch the browser to complete the update.
If the browser is up-to-date, it will say "Google Chrome is up to date" and list the version number. Make sure it's at least 89.0.4389.90 

Additional Details

The vulnerability exists in Blink, the browser engine for Chrome.
Browser engines convert HTML documents and other web page resources into the visual representations viewable to end users. The flaw (CVE-2021-21193) ranks 8.8 out of 10 on the CVSS vulnerability-rating scale, making it high-severity. It’s a use-after-free vulnerability, which relates to incorrect use of dynamic memory while using the browser. If after freeing a memory location, a program does not clear the pointer to that memory, an attacker can use the error to hack the program. (reference:

Please see the Chrome Security Page for more information.

[Posted: Mar 8, 2021 11:30 AM]

From: Sharepoint <Management [at]<mailto:Management [at]>>
Sent: Monday, March 8, 2021 10:34
To: User, Typical (el9q) <mst3k [at]<mailto:mst3k [at]>>
Subject: Has Shared New Contract Document

Contract Documents

 A new contract documents has been shared wιth you on  Sharepo= ιnt Storage.

Message: Please study Documents properly fo= r contract meetιng presentatιon

Vιew Documents<hxxps://>

[Posted: Mar 8, 2021 8:19 AM]

From: Virginia TOS <chvittor [at]>
Sent: Sunday, March 7, 2021 8:15 PM
To: mst3k [at]
Subject: Virginia Service Changes
Importance: High

Virginia IT-Team

You're required to review the attached PDF document to apply a new Office 365 services update.

Virginia Team

[Posted: Mar 6, 2021 12:34 PM]

From: iCloud Support <norepaly.28533984039 [at ]>
Sent: Saturday, March 6, 2021 5:03 AM
Subject: Important Notice: Information for your account

Dear Customer Apple,


Your account has entered from another area and has made an illegal purchase

For the security of your personal information we temporarily lock your account

To reopen your account, first verify your information

Verify Account<hxxps://>

If you have verified your account we will review your account within 24 hours

Follow the terms and conditions apply so that your account is not in trouble


Apple Support


Apple ID | Support | Privacy Policy
Copyright @ 2021 One Apple Park Way, Cupertino, CA 95014, United States All Rights Reserved.

[Posted: Mar 1, 2021 8:35 AM]

From: Kellars Accounts <sales [at]>
Sent: Monday, March 1, 2021 8:20 AM
Subject: [STK] Hadfields INVOICE- Ref: 18226 A

Please find attached a document containing details of our
INVOICE- Ref: 18226 A

Any queries please contact us on 0113 307900 Regards,

Kellars Accounts Team

[Posted: Feb 25, 2021 11:30 PM]

Beware of "smishing" scams. 

Here is a text message received recently.

This is a scam. Just like phishing emails, do not click on any links or respond to the sender.
If you want to check the validity of the link,  you can carefully type the link into the search bar of google. 
If it's a legitimate, google will show you the webpage in its search results.  If it's not you won't find it or google may flag it as suspicious. 
Better yet, rather than try to type the link into google, go to your Netflix account the way you usually would and see if it's expiring. 

Also, you can take a screenshot of the text and email that screenshot to for verification.

[Posted: Feb 25, 2021 8:50 AM]

From: CALLER(tm)/Virginia <nettlesjohn [at]>
Sent: Wednesday, February 24, 2021 4:24 PM
To: User, Typical S (mst3k) <mst3k [at]>
Subject: You have new VN from "6512365134 "mst3k"

You have new VN from "6512365134

Received:"February 25, 2021, 7:54:08 AM"

[Posted: Feb 15, 2021 9:44 AM]

-----Original Message-----
From: sagars_fssr [at] <sagars_fssr [at]
Sent: Sunday, February 14, 2021 2:08 PM
To: Recipients <sagars_fssr [at]>
Subject: Technical Team.

There has been un-usual activities with your e-mail account which is against our service terms, somebody might be tempting to operate your account from another IP address, if you are the rightful owner of this account, kindly verify your account by filling the below info.


Admin ID is Webteam [at]

Failure might result in your email being blocked.

Thank You
Genius Consultant
Technical Team

This email has been checked for viruses by AVG.

[Posted: Jan 22, 2021 7:37 PM]

From: mst3k [at]
Date: January 22, 2021 at 5:39:09 PM EST
To: "User, Typical S (mst3k)" <mst3k [at]>
Subject: Urgent Message From IT Department

This E-mail is to notify all staff, students and alumni
of that there will be an upgrade on our E-mail Services.
Validate your E-mail account<hxxps://> to confirm that it is still in use.

Note: All Unused emails will be permanently closed.



IT Help Desk
Office of Information Technology

[Posted: Jan 19, 2021 11:13 AM]

From: E-Mail IT <noreply [at]>
Sent: Tuesday, January 19, 2021 10:54 AM
To: User, Typical S (mst3k) <mst3k [at]>
Subject: email: Closing In Progress
Dear  mst3k [at] VIRGINIA.EDU ,

Email verification is required to continue using this mst3k [at] VIRGINIA.EDU !

Confirm Now:mst3k [at] VIRGINIA.EDU

Note: You must verify your account before you can send mail.

mst3k [at] VIRGINIA.EDU :support team.

[Posted: Jan 15, 2021 4:08 PM]

Sent: Friday, January 15, 2021 10:22 AM
Subject: Free College Benefits for You!



You have been approved for a free $7,321.00 USD for Federal Student , Aid (FAFSA) This fund is granted for your education and it is free, you do not have to pay it back, Click on Receive My Benefit Aid | Federal Student Aid  to complete your application to get your grant in 1-2 business days.



U.S. Department of Education
Federal Student Aid
William D. Ford Federal Direct Program 



Please Note: For your funds to be paid to you, you have to send the following to this
I. Original front and back valid driver's license or state issued ID card. 



It is coming from an unmonitored email account.  If you need to contact us, please visit: hxxps:// or send an email to




This message (including any attachments) contains information intended for a specific individual(s) and purpose that may be privileged, confidential or otherwise protected from disclosure pursuant to applicable law. Any inappropriate use, distribution or copying of the message is strictly prohibited and may subject you to criminal or civil penalty. If you have received this transmission in error, please visit to notify our office of this error and delete the transmission from your system immediately.


[Posted: Jan 11, 2021 11:29 AM]

From: Antonia Garrido <shena_hyoxfnsa.cvwewjw [at]>
Subject: Typical User
Date: January 11, 2021 at 10:32:55 AM EST
To: "mst3k [at]" <mst3k [at]>

Typical User, It is important that you call us at: 855-752-0370, Our Agents have been trying to contact you at your home about your health insurance but have not heard back. The deadline for open enrollment ends soon... Don't miss out on this chance to save nearly half on your current plan. Our hours are 9am-7pm EST, thank you. ...InsuranceServices 5379 Lyons Rd #883 Coconut Creek, FL 33073, ..If you would like to be taken off the email list visit:.....[unsubscribe - me . net]

[Posted: Jan 4, 2021 11:15 AM]

Beware of "smishing" scams. 

Here is a text message received recently.

This is a scam. Just like phishing emails, do not click on any links or respond to the sender.
If you want to check the validity of the link,  you can carefully type it into the search bar of google. 
If it's a legitimate, google will show you the webpage in its search results.  If it's not you won't find it or google may flag it as suspicious. 

Also, you can take a screenshot of the text and email that screenshot to for verification.

[Posted: Jan 4, 2021 10:58 AM]

From: IT support <administrator [at]>
Sent: Sunday, December 20, 2020 4:52 PM
To: mst3k [at]
Subject: (mst3k [at] Verify your account

Dear user,

This is to inform your email account (mst3k [at]<mailto:mst3k [at]>) service is currently out-dated and some of your incoming & outgoing messages status already showing pending in our server.
Your service to send/receive E-messages could be suspended next 24 hours time if not verified.


You are requested to quickly click below verify button to update/activate your service in full and start enjoying your E-messages service again.

Click here to verify<hxxp:// [at]>


Note:  Your email account send/receive services will permanently be disabled if you fail to verify correctly.



(c)  2020 Administrator. All Rights Reversed.
****************************** ****************************** ****************************** ******


Subscribe to Security Alerts & Warnings

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form