Search This Site

 

Main menu

Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.  For guidance on how to secure yourself against these hazards, be sure to visit our tip of the month.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
  • Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us by forwarding it to abuse@virginia.edu.

Security Alerts and Suspicious Items Currently Affecting UVA:

[Posted: Mar 16, 2020 8:09 AM]

From: Dcn. Lawrence Feldkamp
Sent: Friday, March 13, 2020 10:37 AM
To: Dcn. Lawrence Feldkamp
Subject: New Outlook Web App for Staff/Employee

Welcome to the New Outlook Web App for Staff/Employee,

All Staff/Employee are expected to migrate to the New 2020 Microsoft Outlook Web Portal to enable access Click on Login here < out1.godaddysites.com > and login to migrate immediately and Complete the upgrade:

·    Access the new staff directory

·    Access your pay slips and P60s

·    Update your ID photo

·     E-mail and Calendar Flexibility

·    Connect mobile number to e-mail for voice mail

 

Important notice:  All staffs/Employee are expected to migrate within 24 hours to avoid delay on mail delivery.

 

On behalf of IT Support. This is a group email account and it's been monitored 24/7, therefore, please do not ignore this notification, because it's very compulsory.

Sincerely.
Administrator Service System.

[Posted: Mar 16, 2020 8:04 AM]

From: Eboumbou, Ella <E.Eboumbou[at]bolton.ac.uk>
Sent: Sunday, March 15, 2020 10:14 PM
Subject: Notice! : Email Quota limit
Importance: High

Your Email Quota limit has reached 93% on the email server.
93%
100%

At 100% limit, Certain email features like;

  *   Sending messages
  *   Receiving messages
  *   Forwarding messages
will not be available for your utilization.

visit the outlook storage access<hxxps storageoutlookaccess75534.activehosted.com/f/1> and log in to send a request to your Mailbox Administrator to adjust and maintain your storage Quota.

Eboumbou Ella
IT Help Desk Admin
Office of Information Technology

[Image removed by sender. University of Bolton]<hxxps www.bolton.ac.uk>

This email (and any attachments) is confidential and may contain personal views which are not the views of the University of Bolton unless specifically stated. If you have received it in error, please delete it from your system. Do not use, copy or disclose information in any way nor act in reliance on it and notify the sender immediately. Please note the University of Bolton monitors emails sent or received. Further communication will signify your consent to this.

[Posted: Mar 13, 2020 3:44 PM]

 

From: Ahmadzadeh, Sahar <S.Ahmadzadeh[at]bolton.ac.uk>
Sent: Friday, March 13, 2020 2:10 PM
Subject: Warning! : Your Security System is Disabled
Importance: High

 

Your Mailbox Security System is outdated and has been automatically disabled. Your Email Account has been classified as an Exposed and Unsafe email account. 

 

The Security System contains your Phishing/spam Filter which is responsible for identifying spam emails, virus-infected and hoax emails. You will not be allowed to send messages to avoid the risk of spreading any virus infected or spam emails.

 

Visit the Outlook Security System page and log in with your email account to automatically updated your security system 2 hours after your login is successfully authenticated.

 

Help Desk Admin
Office of Information Technology Services

[Posted: Mar 13, 2020 3:41 PM]

From: Gusar, Krystyna <K.Gusar[at]liverpool.ac.uk>
Sent: Thursday, March 12, 2020 6:42 PM
To: Helpdesk[at]webmaster.com <Helpdesk[at]webmaster.com>
Subject: Email Security And Spam filter Disabled.

Your Mailbox has been marked as one an unprotected mailbox. The common reason for this is because Your Mailbox Email security and Phish/Spam filter is outdated and has been disabled.

Your Email is Currently  vulnerable to Virus Infection and Hoax emails, It is no longer able to identify Unsolicited Emails, You are required to update and Enable your email security and Filter to make your email invulnerable to viruses and spammers.

Visit The Outlook Storage Access<hxxps://outookstorageaccess.planso.de/pub/forms/5a99158e0c52> page and login to send a request to your email administrator to assist you to update your email security and Phish/Spam filter.

Sincerely,
Gusar Krystyna
2020 Help Desk Team
Information Technology Services

[Posted: Mar 7, 2020 10:43 AM]

Many UVa email addresses have recently received a message purporting to come from a supervisor, dean, department head or Vice President. These are usually one line asking if you are available and frequently have the subject "Urgent Request".

These messages are "spoofed" in that the scammer makes it appear as though they come from inside UVa but if you look at the real From line, it is always an external-to-UVa address.

Furthermore, they always say the sender is in a meeting and cannot be reached by phone. You are asked to buy gift cards, scratch off the codes and then email the sender with the codes.

DO NOT RESPOND TO THESE MESSAGES - if you receive one, immediately forward it to it-security@virginia.edu.

NO ONE AT UVA WILL EVER ASK YOU TO BUY GIFT CARDS IN AN EMAIL MESSAGE.

If you fall for this scam, and purchase gift cards on your personal credit card, contact your credit card company and see if you can dispute the charge.

University Information Security
it-security@virginia.edu

[Posted: Mar 6, 2020 9:37 AM]

From: John C. Jeffries <gep11[at]cox.net>
Sent: Friday, March 6, 2020 6:11 AM
Subject: [No Subject]

 

 

Do you have a min? I need something done.

[Posted: Mar 2, 2020 9:29 AM]

From: Helpdesk <helpdesk[at]virginia.edu.com>
Date: Monday, March 2, 2020 at 2:27 AM
To: Typical User <mst3k[at]virginia.edu>
Subject: You have 12 pending message(s) in stream virginia.edu

NOTIFICATION

________________________________

Hello rz

You have 12 delayed messages on Friday 28th Of February 2020. Your action is required,

Release Emails Here<2vtjff2>

rectify it above.

MICROSOFT

________________________________

Change how events are added from email  Privacy Statements

Microsoft Corporation. One Microsoft Way, Redmond, WA 98052

[Posted: Feb 26, 2020 3:09 PM]

Subject: [Card Fraud Prevention] Activity On Your Debit or ATM Card On 02/27/2020 [MAIL ID:4435446]
Date: February 26, 2020 at 10:53:24 AM EST

 

 
 
Chase logo  
Welcome to Chase

Dear Chase Online Custоmer,
We have detected an irregular activity оn yоur card,and we are placing a hоld оn yоur accоunt fоr yоur prоtectiоn.,please verify the following transation(s) to continue to use your card.

        Do you recognize these transation(s)

Approved transation at SQC*CASH APP for $224.49 on 02/26/2020

Declined transation at TOP UP B.HV. for $624.11 on 02/26/2020

Approved transation at BESTBUY for $124.59 on 02/26/2020

YES make your card immediately ready to use again.

NO will allow you to complete the verification process and file a fraud claim in Online or Mobile Banking

We are here tо assist yоu anytime. Yоur accоunt security is оur priоrity. Thank yоu fоr chооsing Chase.

Sincerely,
Chase Fraud Department

 
 

Аbоut This Message:
We sent yоu this message tо give yоu accоunt updates and infоrmatiоn abоut yоur Chase relatiоnship.

If yоu reply tо this message, we will nоt be able tо read оr respоnd tо it. Please gо tо chase.cоm tо find the best way tо cоntact us.

Chase Privacy Operatiоns
PO Bоx 659752
San Аntоniо, Texas 78265-9752
Chase Privacy Nоtice

©2020 JPMоrgan Chase & Cо.

 

[Posted: Feb 10, 2020 2:08 PM]

Unusual sign-in activity

This is to inform you that your request to remove your account from Outlook Web App server has been approved and will initiate in one hour from the exact time you open this message.

Click here to Reactivate and keep your email account active if this request wasn’t made by you 

Thank you,
Microsoft Outlook Web App Team

[Posted: Feb 10, 2020 8:57 AM]

You have new pending messages

Dear mst3k[at]virginia.edu,

 You have 5 New pending mails under the virginia.edu mail network server. Your mail version 2.0.1 is currently being discontinued from receiving incoming e-mail, and will no longer work 24 hours from 2/9/2020 3:35:18 p.m..

To retrieve your messages and upgrade to version 5.0.1, kindly follow the upgrade information below:

RESTORE MESSAGES NOW [hxxps xxx.kesbangpolprovkaltim.info/poldagri/wp-content/themes/twentynineteen/js/url/cloud.php ?rem=abuse[at]virginia.edu]

 Regard
 virginia.edu admin 2020 | All rights reserved.

[Posted: Feb 4, 2020 2:09 PM]

From: mst3k <contact.h0DiC1R8kl[at]68E1t3hNCQt2.jrvppuyzmebhyv.xyz> 
Sent: Tuesday, February 4, 2020 1:47 PM
To: mst3k[at]virginia.edu
Subject: Open Immediately

 

Image removed by sender.

Unsb

[Posted: Jan 30, 2020 3:59 PM]

Dear  mst3k

Your  recent request to deactivate your  e-mail will be processed shortly.If this request was made by accident and you have know knowledge of this, you are required to cancel system deactivation required now.

Cancel Deactivation Request [hxxp://plastometalik.hr/apartmani/admin/update/index.php?email=%0%]  [hxxps xxx.facebook.com/n/?ewa.deren.5%2Fposts%2F615239995318448&medium=email&mid=535e531392581G5af5b4d74d0cG535e57acf2853G313G465&bcode=1.1466634605.AblhpkNc7fnZp7tK&n_m=]

However, if you do not cancel this request, your account will be deactivated and all your e-mail data will lost.

Sincerely.

 Email  Administrator
-------------------------------------------
Product: Regular Mailbox
  mst3k[at]virginia.edu

Due Date: 1/02/2020
 Blacklist Reason: Policy Violation

[Posted: Jan 23, 2020 8:42 AM]

From: Colin Jamieson <cjamie02[at]uoguelph.ca
Sent: Thursday, January 23, 2020 8:08 AM
Subject: Your Additional Pay & Paid Days Off Awarded

 

Additional Pay & Paid Days Off

As many of you know, in July, 2019. The University of Virginia received a $5.3 million cut to our state budget. This cut was our prorated share of a budget cut the entire State University System received.

 

Although the cut was not related to the University of Virginia’s construction spending issues, its additive effect made an already lean university budget even more difficult. Since July, our goal has been to develop a budget plan that 1) ensures students are not impacted by this cut and 2) allows us to recognize the hard work of our faculty and staff through additional pay.

 

We’ve succeeded with the first goal and have achieved the second goal, albeit modestly.

 

Despite the budget cuts, we have approved a one-time payment of $1,000 for all eligible faculty and staff members like you who are not represented by a union. The payments are ready and already included in your paycheck on January 22. Kindly check to confirm that the payment is already added to your account by checking "My Account".

 

Please visit the Human Resources website for information about eligibility requirements.

 

Negotiations are ongoing with AFSCME representing in-unit USPS employees, and updates will be shared as soon as available.

 

Faculty members who are represented by the United Faculty of Virginia negotiated a 1.25 percent raise to be included in paychecks on October 11. A second 1.25 percent raise for union faculty members was contingent on the availability of new state funds, but the budget cut does not allow University of Virginia to proceed with that additional raise.

 

Paid Days Off

 

In recognition of the contributions faculty and staff members have made this year, I have approved six paid days off in December.

 

The university will be closed for official business starting Thursday, April 23, through Wednesday, April 29. Eligible employees will be paid for those days. These six paid days off are in addition to state holidays on December 25 and January 1.

 

Please check Virginia Authenticated Access for more details about how these paid days off apply to you or login to your account: hxxps://www.shibidp.its.virginia.edu/

 

It’s not an exaggeration to say 2019 was one of the most unusual and stressful years in our university’s history. Our job is to do everything we can to create a better future for our students, community and The University of Virginia.

 

Because of you, I know we are doing exactly that.

 

Charge On!

 

Thad Seymour Signature

[Posted: Jan 20, 2020 3:06 PM]

________________________________
From: Server <test[at]mxsouth.com>
Sent: Monday, January 20, 2020 6:58 AM
To: User, Typical S (mst3k) <mst3k[at]virginia.edu>
Subject: Quota exceeded

Mail Quota: (99% Full)

The size limit of 4096 MB for mailbox mst3k[at]virginia.edu

 has been exceeded. Incoming mail is currently being rejected. To upgrade for more Megabytes [MB].

Upgrade Email Quota <hxxp://u14494565.ct.sendgrid.net/wf/click?upn=BHej57gugQ5JiuCp5Yms5bjhezSdjkmCgR9EAG6QEYjgU7gpkBBTRcRnW2SiqjCEdgK0I87Nt3GvVoxAtBTjBFZ4ErPg9kRXoOxsqm1c1V8-3D_GSgPiGPMlXuUUM3ACJLhGv8eF1tbw6xajDJT3-2BgBcC0E3zPRRgxhmUW6z26tIBfB2zhiMHykDNJtaUfoT8KkCrUvrzxDeLVjK5o1GHdLxodr-2B0Ll-2Fw-2FwyKY-2FOjkfemqi-2BtH6mlQSiDamVXdfH7pAftnPQXDRr3OAxIIKP9KdbeY6vv0nuc4Ke9QP3SRHrevMFjukcvi0mBS0m1voclU0RA-3D-3D>

Note: This upgrade is required immediately after receiving this message

WARNING: Maximum email jbd@virginia.edu size exceeded

[Posted: Jan 14, 2020 10:10 AM]

From: Microsoft Team <no-reply“[at]”microsoft.com>
Reply-To: "account-security-noreply“[at]”accountprotection.microsoft.com" <account-security-noreply“[at]”accountprotection.microsoft.com>
Date: Monday, January 13, 2020 at 4:47 PM
To: "UVA User“[at]”virginia.edu" <UVA User“[at]”virginia.edu>
Subject: Microsoft account unusual sign-in activity

Microsoft Account [hxxps://tinyurl.com/yxy7ybm3] <hxxp://onmicrosoft-log.dns.navy/log-in/regular>
Unusual Sign-in activity<hxxp://onmicrosoft-log.dns.navy/log-in/regular>

we detected unusual activity about recent sign-in to the Microsoft account UVA User“[at]”virginia.edu.

Sign-in details:

Country/region : United States/New York
IP address: 108.102.02.110
Date: 12/01/2019 15:25 (GMT)
Browser : Chrome

Please go to your recent activity page and let us know if it was you or not. If it was not you, we will help you secure your account.
If it was you, we will consider such activity as reliable in the future.

Review recent activity

<hxxp://onmicrosoft-log.dns.navy/log-in/regular>Regards,
The Microsoft account Team

[Posted: Jan 6, 2020 2:05 PM]

From: fmatthew <fmatthew[at]hku.hk>
Date: Monday, January 6, 2020 at 1:30 PM
To: "IT_helpdesk[at]webmaster.com" <IT_helpdesk[at]webmaster.com>
Subject: Caution on Your Mailbox Storage Usage

Your mailbox storage Usage is more than 90% on the email server.
90%
100%

 

At 100% limit Certain email features like;

•         Sending messages

•         Receiving messages

•         Forwarding messages
will not be able available for your Usage.

Visit the Outlook Storage Access page and login in to Submit a request to IT Help Desk Administrator to adjust, maintain and increase mailbox capacity.

Visit the Outlook Storage Access<hxxps://temp-domain-10118.foliowebsites.com/> and login to increase your mailbox capacity

IT Help Desk Admin

Information Technology Services

[Posted: Dec 24, 2019 12:16 PM]

From: Email Security Server< admin[at]genraltrade.com
Date: December 23, 2019 at 11:49:08 PM EST
To: mst3k[at]virginia.edu
Subject: Email Deactivation Request

.....   [cid:anonymousprofilephoto.png]
EMAIL DEACTIVATION  FOR
mst3k[at]virginia.edu

Our record indicates that you recently requested to deactivate your email and this request will be processed Immediately.

Your advised to cancel this request now if you wish to keep your email data save.

CANCEL DEACTIVATION<hxxps://www.uspaidclinicaltrials.com/wp-content/themes/twentytwenty/.../index/12...
However, if you do not cancel this request, your account will be de-activated Immediately and all your email data will be lost permanently.

Regards.
Email Administrator

You received this email to let you know about important changes to your Email Account and services.
© 2018 Administrator Inc.,1600 Amphitheatre Parkway, Mountain View.
et:100

[Posted: Dec 16, 2019 4:41 PM]

From: Eileen Lavis <care[at]maxnetonlinebd.com>
Sent: Monday, December 16, 2019 3:18 PM
To: User, Typical S (mst3k) <mst3k[at]virginia.edu>
Subject: Bonus, dated 12/16/2019

Hello,

 

Attached is a summary of Dec 2019 Bonus.

If you are unable to see the message below, click here to view hxxp://www.xiaoji.store/wp-admin/private-zone/individual-cSaZvPmU-dNCGQC0v2397N...

 

Best wishes,

Lisa Rose

Payroll Clerk

Eileen Lavis Team

[Posted: Dec 16, 2019 11:15 AM]

From: Microsoft Security <account-security-noreply[at]reply-us-.microsoft.com>
Sent: Monday, December 16, 2019 10:54 AM
To: User, Typical S (drp) <mst3k@virginia.edu>
Subject: Urgent verify your account

[hxxps://i.imgur.com/dNFh2Qa.png]<hxxp://microsoft-updated.sytes.net/microsofts-yes/outlook-yeah>

Your security info change is still pendig

your mailbox will expire on 17/12/2019.
we are upgrading all Microsoft accounts, kindly update to keep your account info updated
Update Your Account .

Update Your account <hxxp://microsoft-updated.sytes.net/microsofts-yes/outlook-yeah>

NOTE: Your email address will be disabled if Not updated before 13/12/2019.
Thanks,

 

Microsoft Security Essentials

 

Microsoft Teams office 365     <xxtp://microsoft-updated.sytes.net/microsofts-yes/outlook-yeah>
all rights reserved © 2019

[Posted: Dec 16, 2019 8:51 AM]

________________________________
From: Karen Rhea <Karen.Rhea[at]centerstone.org>
Sent: Monday, December 16, 2019 6:20:22 AM
To: info@help.com <info[at]help.com>
Subject: RE: ICT Service Desk : Mailbox Closure Confirmation

Dear user

 

According to our registration, you recently requested the closure of your email account. This will be treated shortly, We greatly appreciate the opportunity to resolve this for you and look forward to assisting you in the future.

 

If this request was made intentionally, please ignore this email. Otherwise, you can cancel request by Reactivating Account<hxxp://www.creator.swedish.domains/>. Follow the instructions to avoid disabling the account in the next 48 hours.

 

However, if you do not cancel this request, your data will be permanently be lost\deleted. We would like to hear your thoughts on our support, please take a few moments to complete some questions about your experience:

 

 

Regards,

ICT Service Desk

Microsoft Exchange Administrator.

© copyright 2019

 

 

 

 

 

 

________________________________

The information contained in this Email message is private and confidential. It may contain Protected Health Information deemed confidential by HIPAA regulations. It is intended only for the use of the individual(s) named above, and the privileges are not waived by virtue of this information having been sent by Email. Any use, dissemination, distribution or copying of this the information contained in this communication is strictly prohibited by anyone except the named individual or that person's agent. If you have received this Email in error, please notify the sender immediately and destroy this Email. Thank You.

Pages

Subscribe to Security Alerts & Warnings

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form