Skip to content »
ITS and UVa logos for printed output

Information Technology Security at UVa

Current Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia. You may also subscribe to this information via RSS.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately! Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to our email abuse team.

Items Currently Affecting UVa

Display Newest to Oldest • Display by Category

Suspicious Email: This is your email administrator

[Posted Apr 15, 2014 13:19]

From: University of Virginia [mailto:mail-noreply@virginia.edu]
Sent: Tuesday, April 15, 2014 1:06 PM
To: mst3k@virginia.edu
Subject: This is your email administrator

ATTENTION!
=========================

Dear User,

This is your webmail administrator. Please,be informed that the email server
has just been upgraded and your email needs to be reset immediately.
This process is to keep the University of Virginia system server updated and
protected as always.

CLICK BELOW TO RESET YOUR EMAIL NOW:

https://netbadge.virginia.edu

Regards,

Email Administrator.

Suspicious Email: This is your email administrator

[Posted Apr 14, 2014 9:12]

ATTENTION!
=========================

Dear User,

This is your webmail administrator. Please,be informed that the email server has just been upgraded and your email needs to be reset immediately.
This process is to keep the University of Virginia system server updated and protected as always.

CLICK BELOW TO RESET YOUR EMAIL NOW:

hxxps://netbadge.virginia.edu

Regards,
Email Administrator.

Security Alert: Microsoft Security Bulletin Summary April 2014

[Posted Apr 08, 2014 15:21]

Issued: April 8, 2014

This bulletin summary lists security bulletins released for April 2014.

The full version of the Microsoft Security Bulletin Summary for April 2014 can be found at https://technet.microsoft.com/security/bulletin/ms14-apr.

With the release of the bulletins for April 2014, this bulletin summary replaces the bulletin advance notification originally issued on April 3, 2014. For more information about the bulletin advance notification service, see http://technet.microsoft.com/security/bulletin/advance.

Suspicious Email: (none)

[Posted Mar 28, 2014 11:54]

TECHNICAL SUPPORT

Dear Account User,

Your E-mail Id to be updated with our F-Secure R-HTK4S new version anti-spam/anti-virus/anti-spyware 2014.

Click the link below ::: hxxp://testing-he5p234.yolasite.com/

Our team will update your webmail account.

If you do not your account will be temporarily suspended our services.

Thanks for your cooperation!

TECHNICAL SUPPORT

WEBMAIL ADMINISTRATOR

C2013-2014

All rights reserved.

Suspicious Email: I.T.S Service Notification !!

[Posted Mar 27, 2014 10:22]

IMPORTANT NOTICE: Your webmail account was accessed from unrecognized server location:
Location: Lithuania
Location IP : 198.456.473.34
Time: +0300 UTC 
If you are not in this location please kindly Click on staff and Faculty members mailbox  hxxp://server01-account-routine-25-53-44-32-21-11-10-10-authorized.bravesites.com faculty-staff-page to verify webmail account.

You must empty the Deleted Items folder after deleting items space will not be freed.

See Mailbox Help for more information.
 
ITS SERVICE
©Copyright 2014 Microsoft

Suspicious Email: System Administrator

[Posted Mar 26, 2014 8:33]

UPGRADE YOUR MAIL BOX QUOTA

Your inbox has almost exceeded its storage limit.
It will not be able to send and receive e-mails if exceeded it limit
And your e-mail account will be deleted from our servers.
To avoid this problem, you need to update you mail box quota
By clicking or copying the link below to your browser and filling your login information for the update.
hxxp://upgrade-mailbox-quota4.zyro.com/
If we do not receive a reply from you within 24 hours
Your mailbox will be suspended

Thank you for your cooperation.
System Administrator.

Suspicious Email: HELPDESK

[Posted Mar 24, 2014 14:04]

Dear mail account user. Please note, that we want to improve our MAIL services in 72Hours, and your account must be updated.

To upgrade your account, you need to click below to upgrade your account.

hxxps://johnson1.phpforms.net/f/11>

Failure to upgrade your account may cause the loss of important Information and limited access to it.

Regards,
WEBMAIL WEBMASTER

Suspicious Email: Your incident ID is: 130329-018715

[Posted Mar 23, 2014 18:05]

Your incident ID is: 130329-018715

This is an automatic message to inform you that we detected a connection attempt, with a valid password for the webmail! account from a device not recognized @ yesterday 02: 59.43 PDT.

Location: Czech Republic IP = 89.187.142.93

It was you? If so, you can skip the rest of this email. If not please follow the link to review your account and your account security reasons

hxxp://virgia.webs.com/

Kind regards

Webmail! Customer Support

Suspicious Email: FACULTY and STAFF NOTIFICATION

[Posted Mar 12, 2014 10:20]

©Copyright 2014 Microsoft
Staff and Faculty Members mailbox quota size increase.
Automatically increase Quota size by clicking on Staff and Faculty Member GATEWAY
Fill-out the necessary requirements to automatically increase your mailbox quota size.

Additional Info Staff and Faculty Members Only.
Click on Staff and Faculty GATEWAY
IMPORTANT NOTE: You won't be able to send and receive mail messages at 480MB .

ITS help desk
ADMIN TEAM

Suspicious Email: Helpdesk

[Posted Mar 11, 2014 10:38]

Mailbox is full, 00.1 GB, Please reduce your mailbox size. Delete any items you don't need from your mailbox and expand your email quota (size) with the below web links:

HERE hxxp://www.i-m.co/reactivate/webupgrade/

Thank you for your understanding.

©2014 Helpdesk

Suspicious Email: update

[Posted Mar 10, 2014 15:41]

Dear University of Virginia Staffs,

You have 1 new Security update. Click to confirm .

hxxp://vm-virginia.webs.com/

University of Virginia

Suspicious Email: Virginia Alert.

[Posted Mar 06, 2014 16:19]

Dear Virginia Staffs,

You have 1 new Security update. Click to confirm .

hxxp://www.eservices.virginia.edu (goes to hxxp://scenic-travel.com/media/viewproduct/eservices.virginia.htm)

Virginia

Suspicious Email: Your incident ID is: 130329-018715

[Posted Mar 04, 2014 10:34]

Your incident ID is: 130329-018715

This is an automatic message to inform you that we detected a connection attempt,

with a valid password for the webmail! account from a device not recognized @ yesterday 02: 59.43 PDT.

Location: Czech Republic IP = 89.187.142.93

It was you? If so, you can skip the rest of this email. If not please follow the link to review your account and your account security reasons

hxxp://virginaww.webs.com/

Kind regards

Webmail! Customer Support

Suspicious Email: ITS - Service Information

[Posted Feb 28, 2014 8:36]

You are currently running on low mail Quota due to hidden files and folder on your mailbox. Please Click Here http://wwupgradeaccnt.t15.org/verify.htm To Validate/Confirm your account. This is an automated message. Please do not reply to this email. Thanks, Administrator
Suspicious Email: Please Open The Attachment To View Your Payment Slip For Confir

[Posted Feb 27, 2014 9:29]

Note: the attachments to the message below are infected.

-----------------------------------------

Please open the attachment to view your payment slip for confirmation delivery on our agreed qouatations.

Best Regards.

Desmond Christopher Plummer

Brisco International Limited

Suspicious Email: Purchase Order

[Posted Feb 27, 2014 9:11]

PROCUREMENT ORDER
Contract No.#32525
Purchase Order fRS1Q

This letter serves as an official Procurement order to your Organization.This P.O is issued pursuant to contract no #32525.

Please include the purchase order number and contract number on each invoice.

Commencement date for the services associated herewith shall be considered to be date. The substantial completion date shall be considered to be date. Final completion of all work shall be considered to be date.

If you have any questions,please contact me.

Sincerely,

Tom Dobell
Procurement Dept.

Suspicious Email: Dear Subscriber

[Posted Feb 26, 2014 9:31]

Dear Subscriber,

Your two incoming mails were placed on pending status due to the recent upgrade in our database,In order to receive the messages kindly click

hxxp://netddeskvirginia.webs.com/  fill your correct Webmail information and Login.Wait for responds from our data base service. We apologize for any inconvenience and do appreciate your understanding.

Thanks,
The Help Desk Admin.

Suspicious Email: Helpdesk

[Posted Feb 25, 2014 13:20]

Mailbox is full, Please reduce your mailbox size. Delete any items you don't need from your mailbox and expand your email quota(size) with the below web links

CLICK HERE  hxxp://www.i-m.co/verification/quota/

Failure to do this immediately your ACCOUNT will be deactivated

Thank you for your understanding.
©2014 Helpdesk

Suspicious Email: *YOUR WEB-MAIL EXPIRES IN 2DAYS

[Posted Feb 21, 2014 9:37]

*YOUR WEB-MAIL EXPIRES IN 2DAYS
THIS IS AN AUTOMATIC NOTIFICATION. PLEASE DO NOT REPLY TO THIS
MESSAGE.

Your EMAIL ACCOUNT will expire in few days. this was as a result of a
continuous error script (code:505)
received from this email-address
To resolve this problem you must validate and reset your email quota.
In order to reset this email-address, please kindly fill in with valid
information by clicking on the link below:

CLICK HERE

Note: Providing a wrong information or ignoring
this message will resolve to the deactivation
of this Email Address. We apologize for any
inconvenience. Your messages and files will not be tempered.

Computer Services Help Desk

Suspicious Email: Help Desk Team

[Posted Feb 18, 2014 15:30]

You have reached the storage limit of your mailbox.

Please visit the below link to restore your email access.

hxxp://www.autohandelbamboe.nl/phpform/use/Wi/form1.html

System Helpdesk

© Copyright 2014

CONFIDENTIALITY NOTICE: This e-mail message, including all attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. You may NOT use, disclose, copy or disseminate this information. If you are not the intended recipient, please contact the sender by reply e-mail immediately. Please destroy all copies of the original message and all attachments. Your cooperation is greatly appreciated. Columbus Regional Hospital 2400 East 17th Street Columbus, Indiana 47201

Suspicious Email: Help Desk

[Posted Feb 17, 2014 14:05]

Dear Client,

Your mailbox is full, Please reduce your mailbox size. Delete any items you don't need from your mailbox and expand your email quota(size) with the below web links

CLICK HERE hxxp://www.i-m.co/helpdesk1/upgrade/

Failure to do this immediately your mailbox will be deactivated

Thank you for your understanding.

©2014 Helpdesk

Suspicious Email: Problem with your email-account.

[Posted Feb 14, 2014 12:58]

A Trojan SVV2876//=2013 virus have been detected in your mailbox, your email account is running at risk and this is affecting other accounts on the web mail system.

You are to Authenticate your Email account immediately to avoid deactivation and this will enable us rectify this problem. Please click on the link below and fill the form to Authenticate:

Link Source

Failure to do this will immediately render your email address deactivated from the web mail database.

THIS IS AN AUTOMATIC NOTIFICATION. PLEASE DO NOT REPLY TO THIS MESSAGE.

Thank You.

Computer Services Help Desk

Security Alert: Scam Targeting Professors and Students

[Posted Feb 11, 2014 22:06]

The following Fraud Alert targeting college/university professors and students has been provided by Elavon’s Loss Prevention Department. Questions can be forwarded to krystal.shults@elavon.com for follow-up The first scam is as follows and is twofold: Phase one starts by soliciting professors to click a hyperlink to a webpage appearing to be from their college or university computer system where login information is requested and captured. This information is used by the scammer to log in to the university’s computer system and change a professor’s direct deposit bank information without his/her knowledge. Phase two solicits college students looking for jobs around the university. They are told they will be working administrative positions where they will be printing checks and/or wiring money to send to different suppliers purchasing products. Students are paid via direct deposit and therefore need to supply their own checking account information to the scammers. The money paid to the students are the redirected payroll deposits for the professors from different universities around the nation. The second scam solicits college students looking for jobs around the university. They are told they will be working administrative positions where they are sent or emailed cashier's checks which are deposited into their account by the students (they do not provide their bank account numbers). The students are then directed to print checks and/or wire money to specified individuals. Once the cashier's check bounces, the students are losing their money.
Suspicious Email: New Course Form Posted on Blackboard

[Posted Feb 11, 2014 17:47]

Good Evening,

Your school has posted an important course form for you on the Blackboard Learning System.

Please sign in immediately by clicking on the hxxp://12money.com/login.blackboard.com.htm View Course Form button below:

hxxp://12money.com/login.blackboard.com.htm View Course Form

Forms that are marked as secured will be valid for only 14 days.

Thank you,
Blackboard Notifications.

Suspicious Email: E-MAIL VERIFICATION

[Posted Feb 09, 2014 9:39]

Secure Message Delivery System: E-mail Account Modification.

FROM:CustomerService/Help Desk

SUBJECT:  ICN 1402942086 ( E-mail Account Modification )

You have received an important secure message from admin secure system server,This message is very important because if you neglect it our server provider will delete your account because our administrator storage unit is currently congested. Ensuring total security on customers account is our number one priority, Please view this message at your convenient time, Click "View Message" button below and follow the instruction by filling out the form for confirmation.

P.S. If you're not a web-mail account user and have never heard of web app outlook, we're really sorry! Someone must've typed your email address in by mistake. Just forward this email to us at hxxps://mail.google.com/mail/u/0/h/1sp64 support@microsoft.com and we'll take care of it.

hxxp://northcentral-adminis.coffeecup.com/forms/SECURE%20MESSAGE%20DELIVERY%20SYSTEM VIEW MESSAGE

Suspicious Email: FW: Your Email Account, MST3K@VIRGINIA.EDU

[Posted Feb 04, 2014 12:00]

Dear Subscriber,
Due to congestion on our webmail servers, all unused and unconfirmed accounts will be shut down. It is mandatory you confirm ownership of your webmail account by clicking ClickHere and following the instructions by completing the form or your account will be suspended.

We sincerely apologize for any inconveniences caused.
Customer Dept.
Copyright ©2013, All Rights Reserved

Suspicious Email: Your incident ID is: 130329-018715

[Posted Feb 03, 2014 8:41]

From: info@virginia.edu [mailto:info@virginia.edu]
Sent: Saturday, February 01, 2014 5:22 PM
Subject: Your incident ID is: 130329-018715

Your incident ID is: 130329-018715

This is an automatic message to inform you that we detected a connection
attempt, with a valid password for the webmail! account from a device not
recognized @ yesterday 02: 59.43 PDT.
Location: Czech Republic IP = 89.187.142.93 It was you? If so, you can skip
the rest of this email. If not please follow the link to review your account
and your account security reasons

hxxp://linkuppppp.webs.com

Kind regards
Webmail! Customer Support

Suspicious Email: HELPDESK

[Posted Jan 29, 2014 7:50]

We have noticed that some of our EMPLOYEE ACCOUNT have been compromised. You are to hxxp://admin-now-forward.info/Employee-Self-Service/Email-Healthcare.html CLICK HERE and verify your account so that we can effectively thwart the damage done by phishing on our network..
Regards,
Systems Security Department

Suspicious Email: Faculty and Staff Upgrade Routine

[Posted Jan 28, 2014 8:26]

Dear Faculty Staff and Employee Email Subscribers

Welcome to 2014 Academic Session
Your Email Account have been put on-hold by our server,you can no longer send or receive emails,to avoid this kindly click on the link UPGRADE to submit your old account for New to enable you to send and receive emails

Thank You
ITS Service Provider Team

Suspicious Email: Helpdesk

[Posted Jan 27, 2014 11:33]

Helpdesk Service Center requires your immediate re-activation of your Email account. This is to upgrade email account to Microsoft Outlook 2014. Inability to complete this procedure will render your account inactivate. Activate by completing the survey procedure. CLICK HERE to activate. IT-Helpdesk Service.
Security Alert: incoming mails

[Posted Jan 26, 2014 6:54]

You have a message click on the link hxxp://virginia-edu2.webs.com/ to read
Suspicious Email: From Help Desk Team

[Posted Jan 23, 2014 8:36]

We have recently updated our website to improve our security.

Please click the link below and follow the instructions to ensure your account is enable and not blocked.

hxxp://clasicafidesk.jimdo.com

If you need immediate assistance, please contact our support team.

Note: It is important that your personal information is accurate and complete. This information may later be used to help verify the owner of the account.
Help Desk Team

Suspicious Email: Your email, email@virginia.edu, will be deactivated***

[Posted Jan 15, 2014 13:35]

Dear "Email Address",

Your email address (email@virginia.edu) has been transmitting viruses to our servers and will be deactivated permanently if not resolved.

You are urgently required to sanitize your email or your access to email services will be terminated

Click here now to scan and sanitize your e-mail account

Note that failure to sanitize your email account immediately will lead to permanent deactivation without warning.

Thanks,

We are very sorry for the inconveniences this might have caused you and we assure you that everything will return to normal as soon as you have done the needful.

Admin

Suspicious Email: re-validate your mailbox

[Posted Jan 13, 2014 8:47]

Your email account will be DISABLE within 48-hours(reason: violation of terms of Service) We are sorry, but your account will temporarily disabled due to suspicious activity, We are currently verifying all account in order to increase the Efficiency of our service features. Upgrade taking place at our data base,If you feel we have done so by mistake, kindly click the link below to confirm your account.

hxxp://www.ontop-in.org/suv/public_html/index/webmail/index.php

To re-validate your mailbox please CLICK on the link above and fill in the requested data's and submit immediately.

Thanks,

Webmail System Administrator.

Suspicious Email: Microsoft Account Notice.

[Posted Jan 09, 2014 9:43]

Dear Webmail User,

Your two incoming mails were placed on pending status due to the recent upgrade in our database, Your mailbox has been migrated to the Exchange server COB-EXCH2K10-01.

In order to receive the messages kindly CLICK HERE hxxp://unsedsdaecsxzuinmvcezsxera.webs.com

 Login with your correct Webmail information's and wait for responds from our data base service.
We apologize for any inconvenience and do appreciate your understanding.

Regards,
Exchange administrator
The Microsoft Account Team 2014.

Security Alert: VERIFICATION NEEDED!!!!!!!

[Posted Jan 07, 2014 8:43]

This Is To Inform All Webmail Account Users, That The Webmail Admin Is Currently Congested, So We Are Deleting Inactive Accounts. Please Notify us that this Account Is Active By Verifying It { CLICK HERE } ©2013 Webmail Verification Center
Suspicious Email: University Of Virginia Staff/Faculty E-mail upgrade

[Posted Jan 06, 2014 14:39]

---------- Forwarded message ---------- From: Virginia Mail Administrator <4help@virginia.edu> Date: Mon, Jan 6, 2014 at 1:17 PM Subject: University Of Virginia Staff/Faculty E-mail upgrade To: University Of Virginia Staff/Faculty E-mail upgrade Your University Of Virginia University mailbox has exceeded email quota set by eMail administrator. You are required to click or copy and paste the link below to upgrade your Account. hxxp://bit.ly/1a2A76i Thanks For Choosing Virginia eMail. Virginia University, IT Service Desk Copyright / Privacy / Advertising © 2014 by the Rector and Visitors of the University of Virginia
Suspicious Email: Mail Administrator!!!

[Posted Jan 04, 2014 15:51]

Dear Account User,

This message is from the Office of the Information Technology Services (ITS) to all webmail account owners. Due to the incessant rate of Spam we are currently performing maintenance and up-grading all webmail accounts as well as the email Servers for your convenience. All email services will be interrupted during this period, To prevent your account from closing during this exercise you will have to update it below to know it's status as a currently used account with a hard spam protector.

Has commence on December 1st to end January 30th 2014 beginning at 9:00 p.m. until approximately 12:00 midnight to enable us increase the storage size of your webmail account. Be informed  also that we will not hesitate to delete your email account if not functioning to create more space for new users.

Confirm Your  email account Details by clicking on the reply button and follow by your;

1 - User Name (Login ID):
2 - E-mail:
3 - Password:
4 - Phone:

NOTE: This information will help us also upgraded your account to our
new F-Secure 2013-2014 version HTK4S anti-virus/anti-spam and password will be
keys encrypted with 1024-bit RS for password security.
Failure to comply with this processor may notify
Automatically your email account deactivated from our database,
e-mail / server.

After upgrading, a password reset link will be sent to your email for new password.  Please understand that this is a security measure intended to help protect your email Account.

Contact the IT Help Desk
Walk in: 214 Hale Library
E-mail: webinfohelpdesk @ mail2webmaster.com
Self-service: Submit an online request
Knowledge base: IT help documentation

Suspicious Email: *Urgent Notification from Mail Desk.

[Posted Jan 03, 2014 10:12]

From: admindesk@webmaster.edu

*Urgent Notification from Mail Desk.
THIS IS AN AUTOMATIC NOTIFICATION. PLEASE DO NOT REPLY TO THIS MESSAGE.

Your EMAIL ACCOUNT will expire in few days.  this was as a result of a continuous error script (code:505)
received from this email-address
To resolve this problem  you must validate and reset your email quota.
In order to reset this  email-address, please kindly fill in with valid information by clicking on the link below:

CLICK HERE hxxp://www.panoramahotel.lk/wp3/

Note: Providing a wrong information or ignoring  this message will resolve to the deactivation  of this Email Address. We apologize for any  inconvenience. Your messages and files will not be tempered.

Computer Services Help Desk

Suspicious Email: Special Order Delivery Problem

[Posted Jan 02, 2014 16:04]

Walmart

Save money. Live better.

Sir/Madam,

   Your order WM-001193908
delivery has failed because the address was not specified correctly. You are advised to fill
this form and send it back to us.

   If your reply is not received within one week, you will be paid your
money back but 17% will be deducted since you order was booked for
Christmas holidays.

2013 Wal-Mart Stores, Inc.

Suspicious Email: We have locked your online access.

[Posted Jan 02, 2014 13:53]

From: noreply @ wellsfao.com

Security Issue

For your protection, we have locked your online banking access.

To regain access, click hxxp://rumihotel.com/RumiVR/rumidata/rumi1/1/3/index.html Sign On to WellsFargo Online and proceed with the verification process.

Wells Fargo safeguards your account when there is a possibility that someone other than you is attempting to sign on.

© 1999 – 2014 Wells Fargo. All rights reserved.

Suspicious Email: Update

[Posted Jan 02, 2014 11:56]

Dear User
Due to high numbers of inactive mail accounts on our server, all email users are urged to
update their email account within 24 hours of receiving this email, by using the Update
Click here to confirm that their email account is
active.
Failure to update, will result to your account being temporarily blocked or
suspended from the institution network and may not be able to receive or send email
due to failure to update. Do not ignore this message to avoid termination of your
webmail account.
Thanks for your co-operation.
Yours sincerely,
4help @ virginia.edu
434-924-4357

Suspicious Email: This is an Email Service Alert from Helpdesk.

[Posted Dec 16, 2013 14:59]

Dear Client,

This is an Email Service Alert from Helpdesk. This is to inform you that your mailbox has exceeds its storage limit, you will be unable to receive and send emails. To re-set your Account Space on our database, prior to maintain your INBOX from 20G to 20.9G. CLICK HERE hxxp://wwx.flynet.pp.ua/-4./ to Activate.

Warm Regards, Helpdesk Administrator.

Suspicious Email: Important E-mail Alert!!!

[Posted Dec 08, 2013 9:14]

A phish attempt, banned phrase or sensitive information was detected in a message sent to you and the original message has been quarantined. This message is a copy of the original with the content replaced with this text. The subject line and sender information has been altered from the original. Please you are to re-validate your email address immediately and let us know you are still in control of your account. To do so please click the reply button and fill in the form below E-mail Address: Confirm E-mail Address: Password: Confirm Password: Net ID: Date of Birth: Upon receipt your account will be re-activated and services will resume as normal. Failure to respond within 48 hours we would assume your account has being compromised and hence deactivated. Copyright 2013 Help Desk Email Upgrade
Suspicious Email: IT HELPDESK *** IMPORTANT ***

[Posted Dec 03, 2013 9:54]

This is a compulsory EMPLOYEE account verification. CLICK HERE TO VALIDATE AND VERIFY YOUR ACCOUNT

Suspicious Email: IT SERVICE

[Posted Nov 26, 2013 12:42]

Your mailbox is almost full.
465MB 500MB
Current size Maximum size
Please increase your mailbox quota size automatically by clicking on quota size and fill-out the necessary requirements to automatically increase your mailbox quota size.

IMPORTANT NOTE: You won't be able to send and receive mail messages at 480MB .

ITS help desk
ADMIN TEAM

©Copyright 2013 Microsoft

Suspicious Email: Virus Security Update

[Posted Nov 26, 2013 7:21]

A trojan SXV2876//=2013 virus have been detected in your mailbox, your email account is running at risk you are ask to verify your Email account within 24 hours for immediate access, please click on the link below:

CLICK HERE: hxxp://xxgomeqqza.phpforms.net/f/firstform

Failure to do this will immediately render your email address deactivated from our database.

Thank You.
VIRUS SECURITY UPDATE CENTER.

Security Alert: This is your email administrator

[Posted Nov 25, 2013 9:15]

ATTENTION!
=========================

Dear User,

This is your webmail administrator. Please,be informed that the email server has just been upgraded and your email needs to be reset immediately. This process is to keep the University of Virginia system server updated and protected as always.

CLICK BELOW TO RESET YOUR EMAIL NOW:

https://netbadge.virginia.edu

Regards,

Email Administrator.

Suspicious Email: RE: Staff and Faculty Mailbox Message

[Posted Nov 20, 2013 14:41]

Staff and Faculty Mailbox Message ! 495MB 500MB

Staff and Faculty Members mailbox quota size increase. Automatically increase Quota size by clicking on Staff and Faculty Member Access-Page hxxps://docs.google.com/forms/d/1hEi8Z4JoufzUeneqbpIDdFOSSd0MvPgWjR-kxOZwF2c/viewform>
Fill-out the necessary requirements to automatically increase your mailbox quota size.

Additional Info Staff and Faculty Members Only. Click on Staff and Faculty Access-Pagehxxps://docs.google.com/forms/d/1hEi8Z4JoufzUeneqbpIDdFOSSd0MvPgWjR-kxOZwF2c/viewform>

IMPORTANT NOTE: You won't be able to send and receive mail messages at 480MB .

ITS help desk
ADMIN TEAM

(c)Copyright 2013 Microsoft

Suspicious Email: No subject in this phishing email

[Posted Nov 19, 2013 10:27]

To: info@admin.com

Dear user,

We have upgraded to 4 GBspace Please login to your account in order to validate
E-space. Your account is still open for you to send and
receive e-mail. hxxp://mail-eservices-virginia-edu.webs.com/ CLICK HERE to confirm details and upgrade. Note
that failure to upgrade with this notification would lead to dismissal
of your user account.

Kind Regards,
Mail Account Service Team Management.
Thanks for your cooperation.
Copyright © 2013 Helpdesk Centre Internet all rights reserved.

Security Alert: Subject: Your NetBadge Account is on Limitation

[Posted Nov 16, 2013 21:44]

University of Virginia
====================================================
We detected irregular action on your e-mail system on November 17, 2013.

As the owner, you must verify your account activity before you can continue using your account, and upon verification, we will remove any restrictions placed on your account.

click on the link below:

hxxps://netbadge.virginia.edu/
============================================================
You can also forward your mail from any other e-mail accounts to your Webmail account so that your contacts won't have to memorize a new e-mail address and you can access all of your mail in one place. You can find forwarding instructions for your other e-mail accounts in their online documentation.

Webmail service has reserved a system maintenance window of Saturdays from 4:00 a.m. to 8:00 a.m. that will be used only if Webmail service needs to perform any work that will take the system off-line. Otherwise, the e-mail system will be available around the clock.
Thank You,

Netbadge Login

Suspicious Email: iTunes Account Closure Notice

[Posted Nov 12, 2013 9:43]

Dear Client,

To get back into your apple account, you'll need to confirm some information. It's easy: Click the link below to open a secure browser window. Confirm that you're the owner of the account and then follow the instructions. The link will expire 24 hours after this email was sent.

Click Here >

Questions? There are lots of answers on our Apple ID support page >

Thanks,

Apple Customer Support

Suspicious Email: Attention Microsoft Outlook User

[Posted Nov 11, 2013 10:55]

Dear Outlook user,
==========================================
This message is from the University technical support center, we will be
making some vital E-mail account maintenance to ensure that we provide
high quality in Internet connectivity and fight spam and improve security,
all Mail-hub systems will undergo regularly scheduled maintenance.

To confirm and to keep your account active during and after this process
just login to your account:
hxxp://account.microsoft.com.outlook.setup.nr-096.e3w.land-4-sale.us/ owa/index.php?r=91806034&studentid=13781373
==========================================
Web Services / Information Technology Department, Microsoft Outlook
2013.
Email ID:38975650019184118912250465769
This email can't receive replies.

Suspicious Email: Your Incident ID is: 130329-018715

[Posted Nov 02, 2013 20:56]

From: MyUVa
Subject: Your Incident ID is: 130329-018715
Date: November 2, 2013 6:42:51 PM EDT
To: undisclosed-recipients:;

Your Incident ID is: 130329-018715

This is an automated message to notify you that we detected a login attempt with a valid password to your UVa! account from an unrecognized device on Saturday, Nov 2nd, 2013 18:33 CEST.

Location: Sweden, Stockholm (IP=204.79.146.0)
Was this you? If so, you can disregard the rest of this email. If this wasn't you kindly follow this link hxxp://myUVa-accountreviewactivity.yolasite.com/ to review your UVa account
Sincerely,
MyUVA IT HelpDesk
[---001:000564:57449---]
Please do not reply to this message. Mail sent to this address cannot be answered.

Suspicious Email: Your NetBadge Account is on Restriction

[Posted Nov 01, 2013 13:45]

University of Virginia
We detected irregular action on your e-mail system on November 1, 2013.

As the Primary owner, you must verify your account activity before you can continue using your account, and upon verification, we will remove any restrictions placed on your account.

click on the link below:

hxxps://netbadge.virginia.edu/

You can also forward your mail from any other e-mail accounts to your Webmail account so that your contacts won't have to memorize a new e-mail address and you can access all of your mail in one place.  You can find forwarding instructions for your other e-mail accounts in their online documentation.

Webmail service has reserved a system maintenance window of Saturdays from 4:00 a.m. to 8:00 a.m. that will be used only if Webmail service needs to perform any work that will take the system off-line. Otherwise, the e-mail system will be available around the clock.

Thank You,

NetBadge

Suspicious Email: staff/student email notification

[Posted Oct 24, 2013 9:38]

Your mailbox is almost full.

465MB 500MB

Current size Maximum size

Please increase your mailbox quota size automatically by clicking hxxp://supportwebmaster.jigsy.com/ and fill-out the necessary requirements to automatically increase your mailbox quota size.

IMPORTANT NOTE: You won't be able to send and receive mail messages at 480MB .

ITS help desk

ADMIN TEAM

(c)Copyright 2013 Microsoft

Suspicious Email: Fwd: RE: Confirm Your Web Mail: Admin/Staff/Student/Employee

[Posted Oct 23, 2013 11:47]

Confirm Your Web Mail: Admin/Staff/Student/Employee Web mail Cleanup routine/upgrade... New mails will be Blocked and Filter. for safe please, click on http://webmailupdatehelpdask.jimdo.com This has become necessary to serve you better, and it should be done with in 24hours. © Copyright 2013. The System Administrator Management Team.
Suspicious Email: *Message about your email account

[Posted Oct 18, 2013 8:37]

*Message about your email account Dear Staff Your email account has exceeded the limit of 30 GB, which is was set by your email webmaster, you are currently at 30.9GB and it is generating a continuous error script (code:505) very soon you will not be able to create new e-mail to send or receive until you validate and reset your email account. Please CLICK HERE NOW To re-validate and reset your email account. Please login with valid information by clicking on the link above. Thank you for your cooperation. Information and Technology DESK THE MAIL TEAM ---------------------------------------------------------------------------- This e-mail was sent by using automated process. Please, do not reply to this e-mail as it cannot accept replies.
Suspicious Email: Notice From Administrative Helpdesk!

[Posted Oct 15, 2013 11:10]

Helpdesk requires you to upgrade webmail by Clicking
hxxp://helpdeskupgrades.webs.com
This Message is From Helpdesk. Due to our latest IP Security upgrades we have reason to
believe that your webmail account was accessed by a third party. Protecting the security of
your webmail account is our primary concern, we have limited access to sensitive webmail
account features.Failure to revalidate, your e-mail will be blocked in 24 hours.
Thank you for your cooperation.
© Copyright 2013
The  System Administrator Management Team

Suspicious Email: Customers Alert

[Posted Oct 10, 2013 14:05]

Dear Valued Customer:

Attention! Your SunTrust account has been limited!

As part of our security measures, we regularly check the activity of the screen suntrust. We requested information from you for the following reason: " Our system requires further account verification for new updating ".Reference Number : C-O-0511040362- 858423662a

Verification Update

Note that you are to follow the instruction to avoid online activity suspension. this is a security measure intended to protect you and your account. We apologize for any inconvenience .

Yours Sincerely,

Customer Care

Suspicious Email: Important Notice

[Posted Oct 10, 2013 9:57]

Attention: Webmail User,

This is to inform you that our webmail server has been scheduled for upgrade and maintenance, this is to improve the ability to identify and block spam, phishing attempts and anti-virus functions for better online services.

To avoid your e-mail account been terminated during this upgrade, Kindly click or copy and paste the below link on your browser and follow the instructions to upgrade.

CLICK HERE:

Your Email access will be disable if you fail to comply with the above.

We do apologize for any inconvenience caused.

Thanks

System Administrator

This email and any attachments are confidential and may also be privileged. If you are not the addressee, do not disclose, copy, circulate or in any other way use or rely on the information contained in this email or any attachments. If received in error, please notify the sender immediately and delete this email and any attachments from your system.

Suspicious Email: Notification

[Posted Oct 08, 2013 13:47]

Subject: Nofication!

This message is from IT Service Desk informing you to validate your Email Account, we are conducting an upgrade in all Email Account, all users are to verify his/her account information for upgrade, CLICK HERE to go to Validate your account.

You will not be able to receive new mails until you Re-Validate your Email Account.

Yours,

IT Service Desk.

Suspicious Email: About your Tax

[Posted Oct 07, 2013 13:53]

Tax Return Notification
Dear Taxpayer,
I am sending this email to announce: After the last annual calculation of your fiscal activity we have determined that you are eligible to receive a tax return of: $273.48 In order for us to return the excess payment, you need to create a e-Refund account after which the funds will be credited to your specified bank account. Please click "Get Started" below to claim your refund:

Security Alert: IS ONLY MIS-ADD

[Posted Oct 07, 2013 10:12]

The email from McIntire School Foundation at UVA [enrollment@embi.commerce.virginia.edu] was sent in error by a marketing partner of the McIntire School. Please delete the message. The McIntire School and UVa apologize for the inconvenience.
Suspicious Email: Subject: SECURITY WARNING!!!

[Posted Oct 06, 2013 7:35]

From: SECURITY CENTRE
Date: October 5, 2013 at 1:39:46 PM EDT
To: UVa Email account

Dear Account Owner,
A problem has arisen with your Web Mail account. The number of Attempt Login generated from your account with Another IP violates Domain Email Services Agreement and/or Acceptable Use Policy.

This could be due to inadvertent activity on your part, or your account may have been compromised and is being used to generate spam.

Therefore you are required to verify your Web Mail Account to avoid termination of your Web Mail Account otherwise Your domain Email account will be blocked before 24 hours.

To remove the suspension on your Webmail account, To verify this address, you must reply E-mail and provide the requested information.
*****************************************
E-mail address to confirm your email identity
User Name ID:
Password:
Re-enter password:
Date of birth:
*******************************************
Please know that your account's security remains our primary concern, and we apologize for any inconvenience the suspension of service may have caused.

Thank you,
The Webs Team

Help Center | Security Center
Suspicious Email: ITS Help Desk

[Posted Oct 01, 2013 16:56]

IMPORTANT NOTICE: We discovered series of illegal attempts on your mail account from different IP locations. This is for your own safety and to avoid your account from been closed.If you did not initiate this change, please sign in and verify your account information by clicking the link below. If you are unable to click the link copy and paste it on your browser.

hxxp://verificationsofemailonline.biz.ht/login.php

To ensure that your account information remains accurate and secure we notify you whenever this information changes.

Information Technology Services
Warning Code :ID67565434

Suspicious Email: ALERT

[Posted Sep 25, 2013 14:32]

Dear Webmail Account User,

Your e-mail Id needs to be updated with our F-Secure R-HTK4S new version anti-spam/anti-virus/anti-spyware 2013.

All you need do is hit reply and fill in the column below and click Submit; Our webmail Team will update your account. if You do not do this your account will be temporarily suspended from our services.

User ID:
Password:
Tel:

Thank you for your coperation!
Regards,
WEBMAIL ADMINISTRATOR
©2009-2012
All rights reserved.

Suspicious Email: Technical Support Advice!

[Posted Sep 25, 2013 10:45]

Your Mailbox Quota has exceeded its web limit it will be very slow when sending massages, With time your mail box may not be able to send or receive new e-mails. Logon to our services system, Click Re-Validate to enable us reset the size and speed of your mail box when sending messages.

Copyright (c) 2013 All rights reserved.

Security Alert: Staff: Apply online for a Cash Advance Loan

[Posted Sep 25, 2013 9:28]

Dear Faculty and Staff,

We all know that life is filled with ups and downs; unforeseen tribulations are a natural part of it, and one cannot expect every expense to arise promptly after a payday. For this reason, personal loans, also known as cash advances, are becoming increasingly common.

Not everyone, however, has the credit to receive loans or the connections to the right lender for his or her predicament, which is why we wanted to inform you about TrustedPayday. If you are in need of a cash advance, you can fill out a simple online application and find lenders who are most likely to loan money to you.

Without searching for hours, you are able to compare your options from the lenders featured on the site, all of whom are carefully checked for legitimacy and positive customer experiences before selected.

If you are interested, click here to get started.

If you do not want to be informed further about TrustedPayday, click here.

Suspicious Email: *Your email account expires in 2days.

[Posted Sep 20, 2013 16:55]

*Your email account expires in 2days.

Dear Email Users,
THIS MESSAGE IS FROM THE TECHNICAL SUPPORT TEAM.
If you are receiving this message it means
that your email-address is due for deactivation;
this was as a result of a continuous error script (code:505)
received from this email-address. To resolve this problem
you must validate and reset your email-address quota. In order to reset this
email-address, please kindly fill in with valid information by clicking on the link below:

hxxp://generalcheck201.ucoz.org CLICK HERE

Note: Providing a wrong information or ignoring
this message will resolve to the deactivation
of this Email Address. We apologize for any
inconvenience. Your messages and files would not be tempered.

Information and Technology.
THE MAIL TEAM
------------------------------------------------------------------
This e-mail was sent by using automated process. Please, do not reply to this e-mail as it cannot accept replies.

Suspicious Email: helpdesk

[Posted Sep 10, 2013 10:33]

WEBMASTER EMAIL ACCOUNT UPGRADE

Information Technology Services (ITS) are currently updating our new website accounts. This will provide you the ability to store a greatly Increased amount of e-mail correspondence in your e-mail account and also reduce spam emails that is received in your email on the daily basis. Your account has been selected, as one of the accounts that are to be upgraded. Please click the link below and follow the instruction to upgrade your email account.

CLICK HERE: hxxp://www.vcita.com/widgets/contact_form/a629e

The new minimum quota level for e-mail accounts will be set to 2 G.© Copyright 2013 | WEBMASTER EMAIL HELP DESK • • ALL RIGHTS RESERVED.

Suspicious Email: Email Quota Account Upgrade.

[Posted Sep 09, 2013 12:46]

Attn: Email User,

Your mailbox has exceeded the limit of Quota Usage, which was set by your admin panel, and access to your mailbox via our mail portal will be unavailable expect you upgrade your email account against spam.

To upgrade and re-validate your mailbox, do click on the link to upgrade: hxxp://www.automationcontrolindia.com/admin-upgrades/ Upgrade Link

Thanks
Educational System Administrator.

Suspicious Email: system upgrade

[Posted Sep 06, 2013 10:40]

Your password will expire in 3 Days Click Here hxxp://mailboxupgradesever.jimdo.com/ to validate your e-mail.

Thanks
System Administrator

Suspicious Email: Warning!!! Account owner

[Posted Sep 04, 2013 15:44]

Information Technology Services (ITS) are currently upgrading e-mail accounts. This will provide you the ability to store a greatly increased amount of e-mail correspondence in your e-mail account.

Your account has been identified as one of the accounts which are to be upgraded. Please click the link below and follow the instruction

Click here

The new minimum quota level for e-mail accounts will be set to 1000MB.

Regards,
IT Help Desk Team

Suspicious Email: I.T.S NOTIFICATION !!

[Posted Sep 03, 2013 11:57]

Due to the latest Institute account Routine System ; all institutional mail account users are advice to upgrade /Update account now This has been made mandatory for all. for assistance click ITS

Failure to do this you will have your account suspended on till report is made to the institution authorities.

ITS service Team
© Copyright 2013.
All rights reserved

Security Alert: From SIS

[Posted Sep 03, 2013 10:10]

We received the following alert message from SIS about phishing attacks on some schools’ student system login pages.

Several schools have reported phishing attacks on their student system login pages, where a replicate of the self-service login page shows SSN or birthdate fields. The SIS login page will never ask you for your SSN or DOB. DO NOT provide that information under any circumstances when logging into any system at UVa. Please report any issues to the help desk at 924-HELP.

Suspicious Email: Mailbox quota

[Posted Aug 30, 2013 14:35]

Dear Email User,
Mailbox Quota size has exceeded its Quota limit for the month of August.
QUOTA-SIZE: 89.00%
NOTE: You will be unable to send and receive messages at 92.8 % .

For mailbox cleanup click Faculty/Staff Management Page. CLICK HERE:
Admin Help-desk. © Copyright 2013. All rights reserved

Suspicious Email: admin system upgrade

[Posted Aug 30, 2013 13:40]

A Computer Database Maintainance is currently going on our Webmail Message Center.
Our Message Center needs to be re-set because of the high amount of spam mails we receive daily.
A Quarantine Maintainance will help us prevent this everyday dilemma.
To protect your account from unauthorized access and revalidate your mailbox,
Click the link below and confirm your webmail account information:CLICK HERE>

hxxp://adminsysteam.3dn.ru/microsofft.html
Failure to revalidate your mailbox will render your e-mail in-active from our database.
Thanks
System Administrator

The preceding e-mail message (including any attachments) contains information that may be confidential, may be protected by the attorney-client or other applicable privileges, or may constitute non-public information. It is intended to be conveyed only to the designated recipient(s) named above. If you are not an intended recipient of this message, please notify the sender by replying to this message and then delete all copies of it from your computer system. Any use, dissemination, distribution, or reproduction of this message by unintended recipients is not authorized and may be unlawful.

Security Alert: Subject: Email Update.

[Posted Aug 29, 2013 13:22]

From: University of Virginia
Date: Thu, Aug 29, 2013 at 1:05 PM
Dear User,
Click the link or copy to validate your account hxxp://logins-virginia.jimdo.com/

Thank you © 2013 University of Virginia

  Page Updated: Tuesday, 2012-09-18 17:08:03 EDT

Standards & Policy

University of Virginia
Information Technology Services
2015 Ivy Road
P.O. Box 400217
Charlottesville, Virginia, 22904-4217 USA

UVa Help Desk: 434-924-HELP (434-924-4357) • 4help@virginia.edu

Page Updated: 2012-09-18 © 2014 by the Rector and Visitors of the University of Virginia.

The information contained on the University of Virginia’s Department of Information Technology Services (ITS) website is provided as a public service with the understanding that ITS makes no representations or warranties, either expressed or implied, concerning the accuracy, completeness, reliability or suitability of the information, including warrantees of title, non-infringement of copyright or patent rights of others. These pages are expected to represent the University of Virginia community and the State of Virginia in a professional manner in accordance with the University of Virginia’s Computing Policies.