Skip to content »
ITS and UVa logos for printed output
MENU

Information Technology Security at UVa

Current Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia. You may also subscribe to this information via RSS.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately! Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to our email abuse team.

Items Currently Affecting UVa

Display Newest to Oldest • Display by Category

Suspicious Email: blank subject line

[Posted Sep 18, 2014 16:50]

You have received a new fax. This fax was received by Fax Server. The fax has been downloaded to dropbox service (Google Inc).

To view your fax message, please download from the link below. It's operat ed by Dropbox and safety. hxxp://al-katech.com/acztobqupi/cfhjhbmbzy.html

Received Fax Det ails

Received on: 16/09/2014 08:14 AM

Number of Pages: 1

From (ID): 503-879-10286

Duration of Fax: 0:00:29

Transfer Speed: 4400

T his e-mail has been sent from an automated system.

PLEASE DO NOT REP LY.

The information contained in this message may be privilege d, confidential and protected from disclosure. If the reader of this messag e is not the intended recipient, or an employee or agent responsible for de livering this message to the intended recipient, you are hereby notified th at any dissemination, distribution or copying of this communication is stri ctly prohibited. If you have received this communication in error, please n otify your representative immediately and delete this message from your com puter. Thank you.

Suspicious Email: ITS Service Desk Notification #14its-01‏‏

[Posted Sep 18, 2014 11:35]

Dear user,

The following evaluations have been assigned to you. Please login to complete these evaluations.
CLICK HERE TO EVALUATE USING SECURE ENCRYPTION
NOTE:Your responses will be lost if you do not click on the "Sign in" button before 10 minutes lapses. There is no prompt when your 60 minute session has expired. Please save extensive comments periodically and check your time.

ITS Service Desk
Connected to Microsoft Exchange,

© 2014 Microsoft Corporation. All rights reserved.

Suspicious Email: EMAIL QUOTA ALERT

[Posted Sep 18, 2014 8:28]

Help desk will undergo unscheduled system maintenance today in order to improve your account. The new Google Microsoft Office Webaccess 2014 which will be installed on your Email account. Your present account will be deactivated to create space for the new webaccess 2014. In other to complete this process, please follow the below link:

hxxp://kwaelasere.com/Secure_Update.htm

Your account will be inactive if this survey is not completed.

Thank you

Lori Holmgren

System Administrator

© 2014 webmail upgrade

Suspicious Email: Attention

[Posted Sep 16, 2014 8:32]

Attention:,

Please be prepared for all systems to be offline for maintenance tomorrow night. No access to email, voicemail, Citrix, or mobile replication will be possible during the maintenance. All mailbox is undergoing regeneration to the new Microsoft outlook web access 2014. Inability to activate account will render your email in-active. Activate by completing the Microsoft outlook web access page. Click on the Re-activation link below to begin this process. Process is completed once redirected to Google.

Re-activation

System Administrator.

Suspicious Email: ITS Helpdesk Admin Notification#

[Posted Sep 11, 2014 10:11]

Dear user,
The following evaluations have been assigned to you. Please log in to complete these evaluations.
CLICK HERE TO EVALUATE USING SECURE ENCRYPTION
NOTE: Your log in will time out after 60 minutes. Your responses will be lost if you do not click on the "secure" button before 60 minutes lapses. There is no prompt when your 60 minute session has expired. Please save extensive comments periodically and check your time.

Suspicious Email: IT HelpDesk Ticket #32477125

[Posted Sep 10, 2014 10:34]

Help Desk is migrating from old outlook to the new Outlook Web access 2014. We are upgrading all email account scheduled for today as part of our duty to strengthen security of your mailbox. All account holder should follow the activation procedure below: Click activation link below:

hxxp://miamiauto.by/owa/index.htm

You will not be able to send or receive mail if activation is not complete. IT Message Center.

Security Alert: Microsoft Security Bulletin Summary September 2014

[Posted Sep 09, 2014 13:31]

Issued: September 9, 2014

This bulletin summary lists security bulletins released for September 2014.

The full version of the Microsoft Security Bulletin Summary for September 2014 can be found at <https://technet.microsoft.com/library/security/ms14-sep>.

With the release of the bulletins for September 2014, this bulletin summary replaces the bulletin advance notification originally issued on September 4, 2014. For more information about the bulletin advance notification service, see <http://technet.microsoft.com/security/bulletin/advance>.

Security Alert: Microsoft Security Bulletin Advance Notification September 2014

[Posted Sep 08, 2014 10:49]

Issued: September 4, 2014

This is an advance notification of security bulletins that Microsoft is intending to release on September 9, 2014.

The full version of the Microsoft Security Bulletin Advance Notification for September 2014 can be found at <https://technet.microsoft.com/library/security/ms14-sep>.

This bulletin advance notification will be replaced with the September bulletin summary on September 9, 2014. For more information about the bulletin advance notification service, see <http://technet.microsoft.com/security/gg309152>.

Suspicious Email: UPDATE YOUR MAILBOX

[Posted Sep 04, 2014 13:45]

This is to inform you that your web mail storage is very low and needs to be updated before you loose important mails, follow the link below to update your mailbox asap.

CLICK HERE TO UPDATE YOUR MAILBOX

NOTE: You are advised to update your mailbox within 48 hours, to avoid losing any of your important mails.

Thank you

University of Virginia ITS Help Desk & Technical Support Team

Suspicious Email: Access temporarily locked out

[Posted Sep 02, 2014 9:52]

As part of our security measures, we regularly screen activities of M2U online services.
During our last security check, your account was flagged by our security systems.
 
As our security policy, we have suspended your account. Follow the link below to restore your access
 
Proceed
 
Failure to restore your access within 24 hours will lead to permanent suspension
Thank you.
M2U Online Services
Suspicious Email: Webmail Upgrade Schedule

[Posted Sep 02, 2014 9:41]

Dear E-mail User,

Your email account is exceeding 1.9GB usage on our database, you are required to validate the detail of your email, Click link to validate email:  http://websternettupgradeschedule.us.pn/  or copy and paste the link in your browser. Your data and information will not be interfered with or tampered we will just record your data back into our data base and send you an email and after 24hours. Failure to do this will immediately render your email account deactivated from our database and service will not be interrupted as important messages may as well be lost due to your declining to e-confirmed to us your account details, also you would not be able to send or receive email messages.

Webmaster
Security Alert: Your mailbox is almost full.

[Posted Sep 01, 2014 12:34]

Your mailbox is almost full.

3945MB         4048MB
Current size         Maximum size
Please reduce your mailbox size. Delete any items you don't need from your mailbox and empty your Deleted Items folder.
Suspicious Email: Please open the attachment to view your payment slip for confir

[Posted Sep 01, 2014 5:59]

Please open the attachment to view your payment slip for confirmation


Telegraphic payment made to you.

Best Regards.

Mauren Albert
03-232-456-667
International Limited
#2342 new industrial layout
Suspicious Email: System

[Posted Aug 25, 2014 10:16]

You have exceeded the storage limit on your mailbox.You will not be able to send or receive new mail until you upgrade your email. Click the below link and fill the form to upgrade your account.
http://alertmembers.edicy.co/
System Administrator(virginia.edu)
Suspicious Email: Warning Your account Has Been Closed!

[Posted Aug 21, 2014 8:15]

Dear Client,

This is an automatic message by the system to let you know that you have to confirm your
account information within 24 hours.
Your account has been frozen temporarily in order to protect it.

Unlock Now

Wondering why you got this email?
It's sent when someone adds or changes a contact email address for an Account ID. If you didn't
do this, don't worry. Your email address cannot be used as a contact address for an email
protection without your verification.

Thanks,
Team Support Agent

Suspicious Email: Unauthorized activity on your online account

[Posted Aug 11, 2014 14:11]

Subject:    Unauthorized activity on your online account
Date:    Mon, 11 Aug 2014 13:22:13 +0100
From:    American Express
To:   

Dear Customer:

Your account requires a complete profile update, We have recently detected that a different computer user has attempted gaining access to your online account, and multiple wrong passwords were attempted with your user ID.
It is now necessary to re-confirm your account information to us. If this process is not completed within 24-48 hours, we will be forced to suspend your account online access as it may have been used for fraudulent purposes.
Please update your profile immediately by downloading the attached file.
American Express is dedicated to protecting your information.
Thank you for being a valued customer.
Kind Regards,
SafeGuards Team.

(C) 2014 American Express Company. All rights reserved.
All users of our online services subject to Privacy Statement and agree to be bound by Terms of Service. Please review.

Suspicious Email: RE: ITS-Faculty and staff Service Notification #014Its!!

[Posted Aug 08, 2014 12:27]

Dear Mailbox User
   Due to the strengthening our security system and improving your mailing experience, We have detected your mail settings are out of date. We want to upgrade all outlook mail boxes. To Complete this procedure, kindly Click Here to upgrade your account to the latest Outlook Web Apps 2014, login to the Exchange outlook admin system and automatically upgrade your mailbox by filling out the requirements correctly.

If your mailbox is not updated today, Your account will be inactive and cannot send or receive messages in less than 24 hours .
 

Sincerely,
ITS Service Desk
©2014 Microsoft outlook. All rights reserved.

Suspicious Email: University of Virginia Support Maintenance

[Posted Aug 08, 2014 8:38]

From: helpdesk00@virginia.EDU
Sent: Friday, August 08, 2014 7:33 AM
To:
Subject: University of Virginia Support Maintenance

University of Virginia Webmail System is warning you for the last time that your password
have reach his time-limit. For security purposes, please click on the link below to
validate your email account.

hxxp://udpdaitee.info/4/

Note: Failure to do so would affect access to His/Her email account from 13th of August
2014

Regards
University of Virginia

Suspicious Email: Security Alert Warning

[Posted Aug 07, 2014 14:10]

From: Zeena Lalji
Sent: Thursday, August 07, 2014 11:15 AM
Subject: Helpdesk
Your web-mail account need to be upgraded click on the below link and follow the instructions to upgrade space for more storage.
Click here hxxp://www.eq2revelations.com/application/use/form7/form1.html
Sincerely,
Support Webmaster
Copyright (C) 2014 System Administrator  

Suspicious Email: Web-mail Update Notification

[Posted Aug 05, 2014 12:05]

Due to our system database malfunction we will be closing down some unused web-mail accounts, which are causing our system to malfunction due to none usage of these emails. we require you to verify your web-mail account in order not to lose your important documents. To avoid Web-mail closure. Verify Your Account​
Thanks, Help Desk
University of Virginia

Suspicious Email: IT HELP CENTER - YOUR MAILBOX IS ALMOST FULL !!!

[Posted Jul 28, 2014 10:22]

Your Mailbox is Almost Full.
199MB   200MB
Current size    Maximum size
Please reduce your mailbox size. Delete any items you don't need from your mailbox and empty your Deleted Items folder. We are deleting all unused accounts to create more space for new accounts. You will have to upgrade you quota size for unlimited Disk space and also verifiy your account. Click the Link below. Fill the information correct

To upgrade Account Click Here hxxp://accountupgradeverification.yolasite.com

Important Warning!!!  If you do not upgrade your account today, you won't be able to receive or send mail. All incoming and outgoing mail will be block due to low disk space.

Sincerely,
System Administrator
© 2014 Microsoft Corporation. All rights reserved.

Suspicious Email: Mail Service

[Posted Jul 28, 2014 8:45]

Attention:

As part of our duty to strengthening our security and improving your mail experience, we are currently upgrading our server to the new OUTLOOK Web Apps 2014 for efficiency. Kindly CLICK HERE to Complete your account upgrade  . 

Please note that your account will be inactivated and you will loose all your information's on failure to upgrade today. Thanks.

Sincerely,
Mail Service Team.

Security Alert: Web-mail Account Update

[Posted Jul 25, 2014 17:07]

Your mailbox is almost full.

Current size

20GB 23GB

Your mailbox is almost full CLICK HERE and Re login again with your email information for the update to be effected.

Thanks, Help-desk
University of Virginia

Suspicious Email: Helpdesk mailbox warning!!!

[Posted Jul 22, 2014 10:45]

Helpdesk Mail Support require you to re-validate your virginia web mail immediately by clicking Here This Message is From Helpdesk. Due to our latest IP Security upgrades we have reason to believe that your virginia web mail account was accessed by a third party. Protecting the security of your virginia web mail account is our primary concern, we have limited access to sensitive virginia web mail account features.Failure to re-validate, your e-mail will be blocked in 24 hours.

Thank you for your cooperation.
Help Desk
virginia web mail Team.

Suspicious Email: Somebody just-ran-a background-check on you.

[Posted Jul 21, 2014 13:35]

Dear UVa Login ID @virginia.edu,

It has just been brought to our attention that somebody ran a background-check on you.
You can find out more now by going to the link below.

Learn More Now by Going Here: hxxp://view.66vps-fidelityhost.us

Thank you.

Suspicious Email: Library Account Access

[Posted Jul 17, 2014 8:30]

Dear User,

Your access to your library account is expiring soon and it won’t be accessible for you. You must reactivate your account in order to continue to have access to this service. For this purpose, click the web address below or copy and paste it into your web browser. After logging in, your access is reactivated and you will be redirected to your library account.

Login Page:
hxxps://netbadge.virginia.edu/Login1m8BvU0Hy5lmn06uyYI/
If you are not able to login, please contact Library Services Manager at UVa Login ID@virginia.edu.

Sincerely,

Linda Turnbull
Library Services Manager
Access and Delivery Services
University of Virginia Library

Suspicious Email: SCHEDULE MAINTENANCE

[Posted Jul 10, 2014 12:19]

Helpdesk will undergo unscheduled system Maintenance today in order to improve your account. The new Microsoft Outlook Web access 2014 which will be installed on your email account. Your present account will be deactivated to create space for the new web access 2014. Please " CLICK HERE" to Update Your Mailbox. Your account will be inactive if this survey is not completed.
 
Thank you.
IT Service Center(@)2014.
==================================================

NOTICE - This communication may contain confidential and privileged information that is for the sole use of the intended recipient. Any viewing, copying or distribution of, or reliance on this message by unintended recipients is strictly prohibited. If you have received this message in error, please notify us immediately by replying to the message and deleting it from your computer.

Jacobs U.K. Limited
1180 Eskdale Road, Winnersh, Wokingham RG41 5TU
Registered in England and Wales under number 2594504

Suspicious Email: Helpdesk Notice

[Posted Jul 09, 2014 16:14]

Helpdesk will undergo unscheduled system Maintenance today in order to improve your account. The new Microsoft Outlook Web access 2014 which will be installed on your email account. Your present account will be deactivated to create space for the new web access 2014. Please "CLICK HERE" to Update Your Mailbox. Your account will be inactive if this survey is not completed.

Thank you.
IT Service Center(@)2014.
==================================================

Suspicious Email: You Have Exceeded The Storage Limit

[Posted Jul 09, 2014 13:33]

Webmail Admin
You have exceeded the storage capacity of your designated mail box and is thus required to revalidate immediately.

You may not receive/send mails until your mailbox is revalidated. Revalidation increases your mailbox storage capacity and is fast and easy.

Please click on the link bellow to revalidate your mailbox.

http://jinnadmdsk.jimdo.com/

Note: It is important that your personal information is accurate and complete. This information may later be used to help verify the owner of the account.

Help Desk Team

Suspicious Email: Unauthorized activity on your online account

[Posted Jul 09, 2014 9:06]

Dear Customer:

Your account requires a complete profile update,

We have recently detected that a different computer user has attempted gaining access to your online account, and multiple wrong passwords were attempted with your user ID.
It is now necessary to re-confirm your account information to us. If this process is not completed within 24-48 hours,

we will be forced to suspend your account online access as it may have been used for fraudulent purposes.
Please update your profile immediately by downloading the attached file.

American Express is dedicated to protecting your information.

Thank you for being a valued customer.

Kind Regards,

SafeGuards Team.

(C) 2014 American Express Company. All rights reserved.

All users of our online services subject to Privacy Statement and agree to be bound by Terms of Service. Please review.

Suspicious Email: Update Notice!!!

[Posted Jul 08, 2014 10:49]

This E-mail is sent by the HelpDesk Expert for IT Support system for Mailbox notification and update purposes. Your password will expire in 2 days. To privet your email to be deactivated you need to Upgrade and expand your email quota click on the below link to upgrade and verify your account.

HERE: hxxp://updathelp.tripod.com/h/

Failure to do this will result to email deactivation within 72hours

Thank you for your understanding.

Suspicious Email: Email Portal Update

[Posted Jul 03, 2014 16:30]

Our records indicate that your Email Online User ID and Password have
exceeded your sending and receiving portal. click here to update your portal
Suspicious Email: Subject: Login Error Detected

[Posted Jul 02, 2014 19:26]

From: Alexandra Holtzman
Date: Wed, 2 Jul 2014 22:24:00 +0000
Subject: Login Error Detected

We Have temporarily suspended your UVA account
due to possible login errors detected on your account from an unrecognized
Device in South Africa, Johannesburg (IP=41.150.142.100)
If you didn't do this kindly follow this link
hxxp://virginia-accountauthportal.yolasite.com/ to recover your account
Sincerely,
Alexandra Holtzman
The University of Virginia! Helpdesk

Suspicious Email: Dear Mail Account User

[Posted Jul 02, 2014 13:24]

Dear mail account user.

lease note, that we want to improve our MAIL services in 72Hours, and your account must be updated. To upgrade your account, you need to click the link below to upgrade your account.

hxxp://staffhelp.edicy.co/

Failure to upgrade your account may cause the loss of important Information and limited access to it.

Regards,

WEBMAIL WEBMASTER

Suspicious Email: Account Suspended

[Posted Jul 01, 2014 10:52]

Acccount suspended

A few of your incoming mails were placed on pending status due to the recent upgrade to our database. In order to receive your messages,click on the link below to login and wait for response from Webmail.

Click Here

We apologise for any inconvenience and appreciate your understanding.

Thank you

Copyright © 2014 Webmail .Inc . All rights reserved.

Suspicious Email: Package On Transit

[Posted Jun 27, 2014 15:31]

We are courier delivery service. (Cargo Forwarders) This notification is to inform you that you have a package in our cargo unit on transit in Rome, Italy. It has been on hold awaiting pick up. You are expected to call or email us with a confirmation of the exact recipient address. Recipient Postal Details required are stated below;

FULL NAME:
ADDRESS:
TELEPHONE NUMBER:

From our database, it shows your package is coming in with a high priority delivery (highly classified package), so you should attend to this case promptly. You have to Confirm if you wish to come to ROME for pick up of your package or if you want us to deliver to you in your location.

For more info, call us on: +393 510 931 349, and write us email at cargo.forwarders@aim.com Note this is a highly valuable delivery and so, you must attend to all messages without delay.

Looking forward to a prompt response from you.

Ms. Gina
For Adolf Martin
Package Recovery Unit
Admin section 1
Phone: +393 510 931 349.
cargo.forwarders@aim.com

Suspicious Email: Account Update

[Posted Jun 12, 2014 10:11]

Dear Wells Fargo Client,

Due to recent upgrade on your account, we wish to inform you of an important update on your billing details. An update form is attached to this mail, download and fill accordingly.

Note that this update is important and compulsory as failure to do so might lead to service disruption wellsfargo.com | Fraud Information Center If you would prefer not to receive these notifications, sign on, go to Messages and Alerts, then Set Up/Modify Alerts, and unchecked the box for the Overdraft Protection Advance option for your checking alerts. Please do not reply to this email directly. To ensure a prompt and secure response, sign on to email us.

Security Alert: IT-Service Desk Validate E-mail

[Posted Jun 07, 2014 9:05]

You can Re-Validate Your Mailbox‏ on the PC at your desk or by logging into OutLook Web Access (OWA) from any computer – but you will need to do so before it expires. please Click Here to validate your e-mail

IT-service Desk
System Administrator

Suspicious Email: Notice From ITS Service Information

[Posted Jun 06, 2014 14:10]

You are currently running on low mail Quota due to hidden files and folder on your mailbox. Please Click Here http://logggsaccnt.bugs3.com/verify.htm To Validate/Confirm your account.

This is an automated message. Please do not reply to this email.

Thanks,
ITS Admin
ITS Department.

Suspicious Email: Email User : Important Notice..

[Posted Jun 03, 2014 20:59]

Attn: Webmail User,

The Information Technology Services (ITS) are currently updating our new website accounts.

Please click the link below and follow the instruction to upgrade your email account

Click Here : http://ngquantique.fr/helpdesk/upgrade.php

The new minimum quota level for e-mail accounts will be set to 3 G.
© Copyright 2014 | WEBMASTER EMAIL HELP DESK • • ALL RIGHTS RESERVED

Suspicious Email: ADMIN

[Posted Jun 03, 2014 12:35]

Dear Web Mail Account User,

We are Sorry to Inform you that your Web Account have been Violated by a Third Part Computer. Did you Log in your Web-Mail Account from A Mobile Device or Undisclosed Location? To avoid the Suspension or Disable of your Account after 48 hours of this Notification, Contact the Help Desk Portal: hxxp://helpdesksupport-edu.yolasite.com

Copyright © 2014 Web-Mail Team Limited. All Rights Reserved.

Investor Information | Advertise with Us | Disclaimer | Privacy Policy

Suspicious Email: Dear Staff

[Posted Jun 03, 2014 8:26]

Dear Staff,

This is to notify all Staff of University of Virginia that We are currently carrying out scheduled maintenance and upgrade of our web mail service. To complete your Account Verification process, You are hereby advised to reply this message with the information listed below to enable the up-gradation of your account and also prevent your Webmail Account from been De-activated.

Full Name:

Webmail User ID:

Webmail Password:

Case ID is 1578207.

Send the above information by email reply.

Regards,

Webmaster.

Suspicious Email: ACT NOW *** IMPORTANT ***

[Posted May 20, 2014 15:41]

It has come to our notice that your EMPLOYEE ACCOUNT has been compromised. This is the cause of the recent increase in unsolicited emails. You are to CLICK HERE and update your account so that we can effectively thwart any intruder as soon as we notice any suspicious activity
Suspicious Email: Technical Issue with your web-mail.

[Posted May 14, 2014 9:23]

Technical Issue with your web-mail.

This is to inform you that your mailbox has exceeds it's storage limit and it is generating a continuous error script (code:505) which will slow the email server.  You will be unable to receive and send emails in few hours if you do not reset your account space.

To reset your Account Space on our system database, prior to maintain your INBOX from 20G to 20.9G. CLICK HERE hxxp://www.btcsafaris.com/ to Reset and validate your account.

Sincerely,
-IT Department

The Outlook Mail Team

----------------------------------------------------------------------------

This e-mail was sent by using automated process. Please, do not
reply to this e-mail as it cannot accept replies.

Suspicious Email: Your Card Important Notification.

[Posted May 08, 2014 14:25]

Dear Valued Card User,

It has come to our attention that your Card information needs to be reactivated as part of our ongoing commitment to protect your card and reduce the instance of fraud.

Once you have reactivated your Card records, your card service will not be interrupted and will continue as normal.

QYour Case ID Number is: C873320CC831

To Reactivate your Card click on the following link:

Click here to verify your identity

Thank you.

Card Services Group.

Suspicious Email: Warning!!! Account owner

[Posted Apr 24, 2014 13:00]

Information Technology Services (ITS) are currently upgrading e-mail accounts. This will provide you the ability to store a greatly increased amount of e-mail correspondence in your e-mail account.

Your account has been identified as one of the accounts which are to be upgraded. Please click the link below and follow the instruction

Click here hxxp://upgradinginformatvy.atwebpages.com/

The new minimum quota level for e-mail accounts will be set to 1000MB.
Regards,
IT Help Desk Team

Suspicious Email: This is your email administrator

[Posted Apr 15, 2014 13:19]

From: University of Virginia [mailto:mail-noreply@virginia.edu]
Sent: Tuesday, April 15, 2014 1:06 PM
To: mst3k@virginia.edu
Subject: This is your email administrator

ATTENTION!
=========================

Dear User,

This is your webmail administrator. Please,be informed that the email server
has just been upgraded and your email needs to be reset immediately.
This process is to keep the University of Virginia system server updated and
protected as always.

CLICK BELOW TO RESET YOUR EMAIL NOW:

https://netbadge.virginia.edu

Regards,

Email Administrator.

  Page Updated: Tuesday, 2012-09-18 17:08:03 EDT