Search Information Security site


Information Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.  For guidance on how to secure yourself against these hazards, be sure to visit our tip of the month.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
  • Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to

Security Alerts and Suspicious Items Currently Affecting UVA:

[Posted: Nov 14, 2018 11:26 AM]

From: Richard Howell <rhowell[at]>
Sent: Wednesday, November 14, 2018 9:29 AM
To:  <>
Subject: Training Workshop & Semin

Good Morning,

  You are cordially invited to a three days all expense paid Training Workshop & Seminar for Educators in the state of Virginia taking place in Richmond, VA. Kindly go through the included invitation for online booking and registration.

Dr Richard Howell,
Program Director.
Tel:(540) 388-0439

[Image removed by sender. File]<hxxps://>

VATrainingWorkshop01-min.pdf 89KB<hxxps://>

Download <hxxps://>

[Image removed by sender. Logo]<hxxps://>

[Image removed by sender.]

CONFIDENTIALITY NOTICE:  This email message, including any attachments, is for the sole use of the
intended recipient(s) and may contain information that is legally privileged, confidential and/or exempt from
disclosure under applicable law.  If you are not an intended recipient, you may not review, use, copy, disclose
or distribute this message or any of the information contained in this message to anyone.  If you are not the intended
recipient, please contact the sender by reply email and destroy all copies of this message and any
attachments.  Hampton City Schools may monitor e-mail messages to and from the Hampton City Schools
network.   Unintended transmission shall not constitute waiver of any privilege or confidentiality protected under
federal statutes, the Virginia Freedom of Information Act or any applicable laws.

[Posted: Nov 13, 2018 8:52 AM]

From: Latt,Jessica
Sent: Monday, November 12, 2018 8:19 AM
To: Latt,Jessica
Subject: Help Desk Support Team
Welcome to the new outlook web app for Staff

Migrate to The new Outlook Web app for Staff is the new home for online self-service and information.
Click on GATEWAY<hxxps://> to Upgrade/Migrate to the New Outlook Web:
·                     Access the new staff directory
·                     Access your pay slips and P60s
·                     Update your ID photo
·                     E-mail and Calendar Flexibility
·                     Connect mobile number to e-mail for Voicemail
Everyone is advise to migrate immediately.

Help Desk Support Team

E-MAIL CONFIDENTIALITY NOTICE: The information transmitted in this e-mail and in any replies and forwards are for the sole use of the above individual(s) or entities and may contain proprietary, privileged and/or highly confidential information. Any unauthorized dissemination, review, distribution or copying of these communications is strictly prohibited. If this e-mail has been transmitted to you in error, please notify and return the original message to the sender immediately at the above listed address. Thank you for your cooperation.

[Posted: Nov 12, 2018 8:20 PM]

From: Mary Ames [mailto:mames4[at]]
Sent: Monday, November 12, 2018 8:44 AM
To: Mary Ames <mames4[at]>
Subject: E-service system update.

All Staff are expected to migrate to the New Microsoft Outlook Web Portal to enable access to the below, click here<hxxps://> to migrate immediately.

*    Access the new staff directory

*    Access your pay slips and P60s

*    Update your ID photo

*     E-mail and Calendar Flexibility

*    Connect mobile number to e-mail for voice mail

Important notice:  All staffs are expected to migrate within 24 hours to avoid delay on mail delivery.

On behalf of IT Support. This is a group email account and it's been monitored 24/7, therefore, please do not ignore this notification, because it's very compulsory.

Administrator Service System.

[Posted: Nov 11, 2018 10:00 PM]

To Avoid being removed from Server.Please click on the following link to validate your email.

 Click here to verify your email<hxxps://>

After activating your account you will be able to login with your email address and password on future visits.

Best wishes

2018 Update Mail Message.

[Posted: Nov 9, 2018 10:28 AM]

From: Christina Alvarez-Garza ( []

Sent: Thursday, November 8, 2018 7:45 PM


Subject: Maravai Life Sciences: Invoice #INVVUS31789


Please open the attached file to view your Invoice.


To view the attachment, you first need the free Adobe Acrobat Reader. If you don't have it yet, visit Adobe's Web site to download it.

[Posted: Nov 6, 2018 6:31 PM]

From: Bruns, David E (deb6j)
Sent: Tuesday, November 6, 2018 2:47 PM
To: User, Typical (mst3k) <mst3k[at]>


JOBS Might be on your mind... There is a BIG career showcase happening soon.

See the info below:
Career Showcase is for ALL students, not just Business and Engineering students. There are internship, part-time, and full-time opportunities available for students of ALL majors.

3-5 hours Mon-Fri.
Salary: $30.55 per hour.
Training: $20.55 per hour.
Start your online application here. Kindly Click here<hxxps://>  to start Applying.

[Posted: Nov 5, 2018 8:42 AM]

Dear UVA Faculty and Staff, 
Each year UVA HR reviews and benchmarks benefits programs like health, retirement, time off, wellness and supplemental benefits to ensure that we are offering a competitive program that meets the needs of you and your family members. This year we are asking for your direct input about UVA’s benefits programs, including which benefits are most important to you.
To ensure confidentiality, we have contracted with an independent firm, Willis Towers Watson (WTW), to conduct a Benefits Preference Survey and focus groups. Your input will help inform the direction of UVA benefits for several years. Your answers and input are confidential and delivered directly to WTW.
The research process will run from November 5 - 16, 2018. The feedback provided will notimpact your benefits selections for 2019. 
We will gather employee opinions through three avenues:
  • An electronic 2018/19 Benefits Preference and Satisfaction Survey sent to all benefit eligible employees; it will take approximately 15 minutes to complete, 
  • In-person focus groups which will meet with Willis Towers Watson for one hour, and
  • One interactive virtual focus group conducted online. 

In the coming weeks please look for an email inviting you to take the Benefits Preferences Survey. You may also receive an invitation to participate in the in-person or virtual focus groups.
Managers, please encourage your team members to complete the electronic survey, and enable those invited to participate in a focus group. 
Thank you in advance for being involved in this important endeavor. Benefits play a significant role in your employment experience at UVA and understanding your preferences is an important part of developing benefit programs for the future.

Kelley Stuck
Vice President and Chief Human Resources Officer
This email was approved for distribution according to the Mass Electronic Mailings Policy, IRM-006, available at

If you have questions about the authenticity of this message, please visit for information about University of Virginia mass email.

This email was sent by: University of Virginia
1826 University Avenue, Charlottesville, VA, 22903 US

[Posted: Nov 2, 2018 1:44 PM]

From: Manuela Boeck <manuela.boeck[at]
Sent: Friday, November 2, 2018 1:27 PM
To: Manuela Boeck <manuela.boeck[at]>
Subject: AW: IT Maintenance



Dear Staffs,


Take note of this important update that our new web mail has been improved with a new messaging system from Microsoft which also include faster usage on email, shared calendar, web-documents and the new 2019 anti-spam version. Kindly use the link below to complete your 2019 Microsoft Web-mail User validation form for update.

CLICK on Web Access to update immediately.



Best regards,

Office of Information Technology Services,

© 2018, All right Reserved.

[Posted: Oct 30, 2018 1:58 PM]

There is a new developing company in the united state seeking a Personal Assistant. To apply for this position or refer someone you know, Please&nbsp;Click&nbsp;here&nbsp;to&nbsp; submit your resume for immediate consideration.

[Posted: Oct 29, 2018 4:06 PM]

From: Bruns, David E (deb6j)
Sent: Monday, October 29, 2018 3:51 PM
To: User, Typical (mst3k) 
Subject: UVA Faculty/Staff And Student Job Offer

 Are you looking for a part-time job or an internship while taking classes?  Click here<hxxps://> to Find out more about employers and positions they are offering.

[Posted: Oct 29, 2018 9:03 AM]

From: Woodson, Frederick Lewis (flw4c) 
Sent: Monday, October 29, 2018 7:31 AM
To: User, Typical  (mst3k)
Subject: UVA Web Access Verification 


Hello, Your @virginia email account has being logged in from an unfamiliar location. Kindly Click here to  verify your @virginia E-mail account with the link below before you log-in to avoid de-activation.  

[Posted: Oct 25, 2018 7:16 PM]

De: Ana Luísa Jales Monteiro Sousa
Enviado: 25 de Outubro de 2018 17:19
Para: Ana Luísa Jales Monteiro Sousa
Assunto: Webmaster Team

IT Service Desk require you to upgrade/re-validate to the latest e-mail Outlook Web Apps 2018 , kindly Click on Service Desk<hxxps://> to re-validate/upgrade to the latest e-mail Outlook Web Apps 2018

Connected with Microsoft Exchange
© 2018 Microsoft Co-oporation. All rights reserved

[Posted: Oct 24, 2018 7:31 PM]

From: Rohan, Deonte S (dsr2p) 
Sent: Wednesday, October 24, 2018 5:58 PM
To: User, Typical <mst3k[at]>
Subject: UVA Email Account Verification


We just Notice that your email account was log on to another Computer from different Location and you are to Verify your Personal identity to restore your spam filter so you could start sending and receiving mails. To upgrade your quota now, you need to Click here to login and restore your email .:
Thank you. 
Security Alert Office.
Thanks for your anticipated co-operation, Upgrade Team.

[Posted: Oct 24, 2018 6:24 PM]

From: Rohan, Deonte S (dsr2p) 
Sent: Wednesday, October 24, 2018 4:57 PM
To: UVA USER (mst3k) <>
Subject: UVA Email Account Verification


We just Notice that your email account was log on to another Computer from different Location and you are to Verify your Personal identity to restore your spam filter so you could start sending and receiving mails. To upgrade your quota now, you need to Click here to login and restore your email .:
Thank you. 
Security Alert Office.
Thanks for your anticipated co-operation, Upgrade Team.

[Posted: Oct 24, 2018 1:57 PM]

From: Help Desk <helpdesk[at]>
Sent: Wednesday, October 24, 2018 1:12 PM
To: User, Typical (mst3k) <mst3k[at]>
Subject: Maintenance Update

All servers maintained by IT will undergo routine maintenance.  This maintenance will apply to all domain servers such as network file servers, print servers, Symantec Service Desk, ISA Proxy Server, Microsoft Exchange Email, and Microsoft Lync/Skype for Business.

Click here<hxxps://> to complete the update because during the maintenance, access to the aforementioned server resources will be intermittent or completely unavailable to the non-updated account.

Thank you for your patience while we work through this issue.

----Help Desk Team

[Posted: Oct 23, 2018 12:52 PM]

From: James Cragg <James.Cragg[at]>
Sent: Tuesday, October 23, 2018 11:25:43 AM
Subject: RE; Internal Email Problems.


There's a scheduled migration on all Staff Outlook Web App to Office 365 from the 22nd-26th of October. You may experience difficulty logging in between 7:00 am to 12:00 Noon. Please provide your Username (___________) and Password (___________) immediately! Failure to do this may result in your account not been able to receive/send Emails.

©2018 Support HelpDesk


[Posted: Oct 23, 2018 10:43 AM]

-----Original Message-----
From: typicalUser[at]
Sent: Tuesday, October 23, 2018 6:07 AM
To: Typical User <typicalUser[at]>
Subject: password (6840) for typicalUser[at] is compromised


I'm a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.
This is your password from typicalUser[at] on moment of hack: 6840cvcv

Of course you can will change it, or already changed it.
But it doesn't matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account.

Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.

I am in shock of your fantasies! I've never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!) I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.

There will be laughter when I send these photos to your contacts!
BUT I'm sure you don't want it.

Therefore, I expect payment from you for my silence.
I think $835 is an acceptable price for it!

Pay with Bitcoin.
My BTC wallet: 1JTtmM7ymByxPYCByVYCwasjH49J3Vj

If you do not know how to do this - enter into Google "how to transfer money to a bitcoin wallet". It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.

My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment.
If this does not happen - all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)

Do not be silly!
Police or friends won't help you for sure ...

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.

[Posted: Oct 22, 2018 9:06 AM]

From: Fibank <{to}>
Sent: Sunday, October 21, 2018 5:10 PM
To: Typicaluser[at]
Subject: Your account will be closed!

Dear {email},

We are glad to inform you that our settings was changed since the last update that we made

Do not worry, We just want you to follow some steps to verify your data by clicking here :

Confirm my Data Now.<hxxps://

Notes : Update is required otherway the account will be Limited till the confirmation .

[Posted: Oct 19, 2018 1:17 PM]

From: Docusign <no-replylfb[at]
Sent: Friday, October 19, 2018 11:17 AM
Subject: Fwd:Electronic Signature is needed. E-sign Now


Action Required: Please DocuSign


Shelli Hales has sent you a new DocuSign document to view and sign. Please click on the 'View Documents' link below to begin signing.





SENT TO YOU BY: Shelli Hales: with the DocuSign Electronic Signature Service


I am sending you this request for your electronic signature, please review and electronically sign by following the link below. 


Thank You, 

Shelli Hales

[Posted: Oct 19, 2018 10:38 AM]

From: [] 
Sent: Friday, October 19, 2018 6:56 AM
Subject: is hacked


We're members of an international hacker group.

We have installed trojan software into your device.

As you probably have guessed, your account was hacked.

(see on "from address", I messaged you from your account).

So far, we have access to your messages, social media accounts, and messengers. 
Moreover, we've gotten full backup of these data.

We are aware of your little and big secrets...   
We saw and recorded your doings on porn websites. Your tastes are so weird, you know.

But the key thing is that sometimes we recorded you with your webcam, syncing the recordings with what you watched!
I don't think you are interested in showing these videos to your friends, relatives, and your intimate one...

Transfer 0.13 BTC (around $850) to our Bitcoin wallet: 


(CASE-SENSITIVE. COPY and PASTE to avoid errors)

I guarantee that after that, we'll erase all your "data" :)

You have 48 hours to pay the above-mentioned amount.

Your data will be erased once the bitcoin is transferred.

Otherwise, all your messages and videos recorded will be automatically sent to all your contacts found on your devices at the moment of infection.

We hope this case will teach you to keep secrets.
Take care!


Subscribe to Security Alerts & Warnings

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form