Search Information Security site


Information Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
  • Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to

Security Alerts and Suspicious Items Currently Affecting UVA:

[Posted: Feb 1, 2018 11:31 AM]

Subject: Support
Date: Thu, 1 Feb 2018 07:37:03 -0800
From: Blackboard <ma743775[at]>
To: Recipients <ma743775[at]>
Dear User,
Some unusual activities have been detected due to security protocols.
You have reached the storage limit for more space verify your Mailbox.
<hxxp://www .reflectionsofwalnutcreek2. com/wp-includes/Text/Diff/Engine/blackboard.htm>

[Posted: Jan 30, 2018 9:12 PM]

From: Herrera, Perla [mailto: pherrera @] 
Sent: Wednesday, January 24, 2018 6:03 PM
Subject: Migrating 
Virginia  Mail-Box is Migrating from Outlook to Gmail. Click Here hxxp:// fill and submit to Update or You cant send Mail.

[Posted: Jan 30, 2018 3:41 PM]

All Staff & Employee
Your E-mail account have been suspended by our server due to unusual activities detected, To reactivate CLICK <hxxp://> LOGON​​​​<hxxp://>
Help Desk Team
Microsoft 2018 Edition.

[Posted: Jan 29, 2018 12:06 PM]

From: vincenza @ 
Sent: Monday, January 29, 2018 10:46 AM
Subject: New Documentation.
You have a new documentation from Tommy Lute. via Dropbox Message Center.
Click Here To View Doc.<hxxp://www.>
Thank You,
Tommy Lute
Founder and CEO

[Posted: Jan 29, 2018 12:03 PM]

Date: Mon, 29 Jan 2018 13:25:30 +0000
From: Zetterström, Anna <anna.zetterstrom[AT]>
To: info @ 
Your mailbox has exceeded the storage limit as required
You must upgrade your mailbox to receive new messages and update.
To upgrade your mailbox, please *click here

[Posted: Jan 29, 2018 10:14 AM]

From: Marquette, Olivia Marie [olivia.marquette [AT]] 
Sent: Monday, January 29, 2018 10:09 AM
Subject: RTS... 

Your Mail Outgoing and Incoming is blocked. Reason Mail Bounce Count Exceeds Limit [ Bounce count=10 ]

Please follow the link below to unblock yourself: Update now!

Thank you,

Customer Service

University Accounting Service, LLC

PO Box 918

Phone:   800-746-4911

Fax:     866-529-4012

Customer Service Representatives are available Monday-Friday from 7:00 a.m. to 5:00 p.m. Central Time.

[Posted: Jan 19, 2018 11:15 AM]

Email Management System Copyright 2018 
[1] hxxps://

[Posted: Jan 18, 2018 10:49 AM]

From: ATtention [mailto:officecoe1112[AT]]
Sent: Thursday, January 18, 2018 8:31 AM
Subject: Dropbox Document Received- (Scanned_Invoice4279.pdf)
Hi Member,
You have a new PDF File in your Dropbox space
                          View PDF file<hxxp://>
Keep your file safe with Drop box.

[Posted: Jan 17, 2018 3:45 PM]

Your email account can not be automatically upgraded to the new e-mail 8.7. Please sign in Sign In<hxxp://> to avoid losing access to your webmail email account
We regret any inconvenience.
Email Management System Copyright 2018

[Posted: Jan 12, 2018 10:30 AM]

Important information from Outlook App   Web Access  Security Service.
Beginning from Today  Thursday ,  January 11. 2018 (EDT) , your webmail sign on page with Outlook App    Web Access  will be changing! We are preparing for an email upgrade, However, to avoid losing  access  to your email account   LOGIN   now   

hxxp:// www. components/com_contact/webmail/

Thank you for choosing  Outlook App   Web Access   l  for your communication needs. We value you as our customer.

Thank You

Outlook App   Web Access  Security Service Team®  

[Posted: Jan 10, 2018 9:30 AM]

Hi uva login @,

You are running low of data volume (87% Storage Low).

Avoid account malfunction, and retrieve pending mails from clicking on the below link


We will not be responsible for any mail malfunction or account locked up if after this warning no response from you.

© 2017 Mail Team 

[Posted: Jan 8, 2018 12:15 PM]

Spectre and Meltdown are vulnerabilities in the Intel processor chip that is installed in most computers, smartphones, and other computing devices. As of January 8, 2018 we have not seen any successful attacks. Nevertheless, it is important to protect your data and computers. The primary protection against this particular attack is patching/updating your devices, but check with your LSP first, and review these best practices <>.


[Posted: Dec 27, 2017 12:00 PM]

The password for your University Of Virginia Account, *********, was recently changed.
If you made this change, you're all set.
If not, please take these steps to secure your account:
Click here to recover your account.
Visit your Account Information page to review your account recovery data on file.
University Of Virginia


[Posted: Dec 11, 2017 8:30 AM]

 We've suspended Wordpress script on your website, if you want to re-active it again clcik on Re-active using the button below. We will review the suspension and either remove it We take our Terms of Service very seriously and act on all information we receive in order to investigate potential breaches. Since we want to be a pleasant and safe environment for all of our valued users, our terms are enforced on a daily basis.
Re-active [hxxp://]
Helpful reminder: At any time, log into your account with your , Username, or your email address.
   From your pals at
60 29th St. #343, San Francisco, CA, 94110

[Posted: Dec 8, 2017 4:00 PM]

From: Astorga, Jacquilynn L. (jla9s)
Sent: Friday, December 08, 2017 4:02 PM
Subject: New
You have (3) Important Unread Messages From the mail, click here<hxxp://> to open and read
The University of Virginia

[Posted: Dec 7, 2017 2:45 PM]

Sent: Thursday, December 07, 2017 1:21 PM
To: Recipients <blstppv[AT]>
Subject: Blackboard
Dear Blackboard Member, 
You have one unread message in your Blackboard area 
click here <hxxps://> to read now 
Blackboard Administrator.

[Posted: Dec 5, 2017 2:00 PM]

From: waditech[AT] [mailto:waditech[AT]] On Behalf Of
Sent: Monday, December 04, 2017 11:42 AM
Subject: RE : [ Summary Report ] Updated and account submited to reset your Logged in password [ Services Code-2772]
Dear Customer
For your protection, your Apple ID is automatically disabled.
We have prevented an unusual sign in attempt on your Apple account. This may have been because you're signing in from a new location or from a different device. Please review the sign in details below:
Your account access has been locked for the following reason(s):
* We check your account  login with other device.
* Your account has been locked until this issued has been resolved we will waiting for 1 week or your account has been disabled permanently.
What to do Next:
Please Click the login button below to your Apple account and provide the requested information before: 1 week: through the Account Review, If we don't receive the information before this deadline, Your account access may be further locked permanently.
LOGIN <hxxp://>
This email was intended for ,.
Copyright � 2017 Apple Inc. All rights reserved.

[Posted: Dec 4, 2017 9:00 AM]

Dear Student / Staff,
Access to your University Email Account (UEA) will expire and be disabled within
24hours due to system upgrade.
Kindly validate and upgrade your account to retain your email address.
Click Here
Edward Zawacki
Chief Information Security and Privacy Officer

[Posted: Nov 14, 2017 12:30 PM]

The message below is a SCAM. We disabled the link but display it for educational purposes.

From: jq23fl @
Date: November 14, 2017 at 8:45:52 AM EST
To: mcp4n @>

Good morning, Mary

I hope you had a good vacation to Disney World. I look forward to seeing your pictures of the mouse.

I complied the performance review data for all UVA employees. The data did correlate as you suspected.

Please let me know if you have any questions or want me to run a different report.

Link to the file: hxxps://

Thank you,

Virginia HR Specialist 

[Posted: Nov 14, 2017 12:30 PM]

The message below is a SCAM. We disabled the link but display it for educational purposes.

From: rikki-maria@  On Behalf Of @virginia
Sent: Tuesday, November 14, 2017 12:23 PM
To: info @


There  is a congestion on our database. We are currently de-activating inactive Virginia webmail. Kindly confirm your Virginia webmail is still active with the link below; hxxps://

Copyright (c) 2017, University of Virginia. All rights reserved.


Subscribe to Security Alerts & Warnings

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form