Security Alerts & Warnings | UVA Information Security

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia. For guidance on how to secure yourself against these hazards, be sure to visit our tip of the month.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us by forwarding it to [email protected].

Security Alerts and Suspicious Items Currently Affecting UVA:

UVA Employment

Posted: February 18, 2022 - 10:39am

From: "Lewis, Tanika (tl9jh)"
Date: 18 February 2022 at 14:26:04 GMT
To: Typical User
Subject: UVA Employment

Work remotely at your convenience from home or school this semester. Students and staff of UNIVERSITY OF VIRGINIA are qualified to apply, and payment is $400 weekly! Kindly CLICK HERE to submit an application.

Thanks.

Critical vulnerability in default Linux installations

Posted: January 26, 2022 - 4:45pm

A critical vulnerability (CVE-2021-4034) has been identified that requires the immediate attention of most Linux users. Please prioritize this issue.

Information about this vulnerability, who it affects, how to search for it, and mitigation strategies if you find it, are on our webpage: Critical vulnerability in most default Linux installations

We want to make sure that finding and fixing this vulnerability is high priority for all Linux administrators. Linux users who are not administrators should contact their administartor to make sure it is being fixed.

Thank you for helping to keep everyone’s data and information at UVA secure.

Text message about viruses on your smartphone

Posted: January 18, 2022 - 5:15pm

Multiple people at UVA have reported that they have received a text message that looks something like the one below.

This is "smishing" - it's like "phishing" but over SMS text so it's called "smishing"
So treat it like a phishing email - Don't click on the link.
Notice the weird writing, such as putting parenthesis around the "3" and not making "virus" plural.
The link is a odd as well, not a well-known link shortener, and if you hovered on it, it doesn't go where it states.
So ignore this text!

Your browsing history showed visits to unsecured websites. Now you have (3) virus on your device. Clean your phone <ponzm1.xyz/Lvsl8zpmel> ASAP

virginia.edu_Notification:(Wednesday, December 29, 2021)

Posted: December 29, 2021 - 8:41am

From: virginia.edu:12/29/2021
Sent: Wednesday, December 29, 2021 5:59:55 AM
To: User, Typical S
Subject: virginia.edu_Notification:(Wednesday, December 29, 2021)

virginia.edu WEBMAIL

Hello mst3k,

Your mst3k [at] virginia.edu password is set to Expire today,

Wednesday, December 29, 2021

You can change your password or continue using same password below

Keep Same Password

virginia.edu Support

Covid Test#xxxx

Posted: November 18, 2021 - 4:07pm

From: Virginia -053100 <kazash [at] gvsu.edu>
Sent: Thursday, November 18, 2021 3:36 PM
To: Typical User mst3k [at] virginia.edu>
Subject: Covid Test#56470
Importance: High

Attached copy of your test result.
Thanks.

University Payroll Services invited you to view the files "Regarding 2021 payroll schedule "on Payroll Services.

Posted: November 13, 2021 - 7:32pm

From: "John William Betts, III"
Date: November 13, 2021 at 1:05:15 PM EST
Subject: University Payroll Services invited you to view the files "Regarding 2021 payroll schedule "on Payroll Services.

University Payroll Services invited you to view the files "Regarding your 2021 payroll schedule "on Payroll Services.

View file

Enjoy!
University Payroll Services

virginia.edu Urgent Action Required!

Posted: November 5, 2021 - 3:04pm

From: IT HelpDesk
Date: Friday, November 5, 2021 at 2:58 PM
To: Typical User
Subject: virginia.edu Urgent Action Required!

Hi mst3k,

Due to new terms of our user agreement, we inform you that we made recent updates in our website to ensure safety while using our services. Follow the link below to update your mailbox and follow the steps to check your email.

Update Account

Should you have any questions, do not hesitate to contact me.

Thanks,
Helpdesk Team

Security alert

Posted: November 1, 2021 - 3:14pm

From: IT Help Desk
Sent: Monday, November 1, 2021 3:00 PM
To: Recipients
Subject: Security alert

Your virginia edu account will be De-activated shortly

To stop De-activation Click Here and Log In

IT Help Desk.

More Chrome Zero-Day flaws: CVE-2021-37975 & 37976

Posted: October 1, 2021 - 4:50pm

More Zero-Day flaws in the Chrome web browser for Windows, Macintosh, and Linux computers

More zero-day flaws have been found in the Chrome web browser used on Windows, Macintosh, and Linux computers. The flaws (CVE-2021-37975 and CVE-2021-37976) are a high and medium severity flaw (respectively) on the CVSS vulnerability-rating scale. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the system or obtain sensitive information.

Gift Card Scam Text Message

Posted: September 27, 2021 - 10:30am

Text Message starting a Gift Card Scam

Multiple people at UVA have reported that they have received a text message that looks like this:

This is the beginning of a gift card scam!

Do NOT reply to this text message.

If you're concerned that it is legitimate request from your "" (e.g., your dean, department chair) then email or call that person using the contact information you already have.

Please report "smishing" (SMS phishing) to us by emailing [email protected]

Subscribe to Security Alerts & Warnings