Google+
ITS and UVa logos for printed output

Information Technology Security at UVa

Current Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia. You may also subscribe to this information via RSS.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately! Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to our email abuse team.

Items Currently Affecting UVa

Display Newest to Oldest • Display by Category

Suspicious Email: Problem with parcel shipping, ID:000906352

[Posted Jul 26, 2016 7:05]

From: FedEx International Next Flight herman.phillips @ inspiremanagementconsultants.in
Date: July 25, 2016 at 5:26:54 PM EDT
To: UVa Employee
Subject: Problem with parcel shipping, ID:000906352
Reply-To: FedEx International Next Flight

Dear Customer,

We could not deliver your parcel.
You can review complete details of your order in the find attached.

Yours sincerely,
Herman Phillips,
Sr. Support Manager.

Suspicious Email: Problems with item delivery, n.000583494

[Posted Jul 26, 2016 6:53]

From: FedEx 2Day
Date: July 25, 2016 at 5:47:44 PM EDT
To: UVa Employee
Subject: Problems with item delivery, n.000583494
Reply-To: FedEx 2Day

Dear Customer,

This is to confirm that one or more of your parcels has been shipped.
Please, open email attachment to print shipment label.

Yours trully,
Cory Elkins,
FedEx Operation Agent.

Delivery_Notification_000583494 .zip

Suspicious Email:

[Posted Jul 20, 2016 15:43]

From: "accounting@virginia.edu"
Subject: Re: invoice
Date: July 20, 2016 at 1:07:25 PM EDT
To:

Can you double check the digits on this invoice?

Thank you

Contains attachment: invoice_0678.doc which is a word macro virus. Do not open.

Suspicious Email: Scanned image from copier@virginia.edu

[Posted Jul 20, 2016 9:19]

From: copier@virginia.edu [mailto:copier@virginia.edu]
Sent: Wednesday, July 20, 2016 5:36 AM
To: mst3k@virginia.edu
Subject: Scanned image from copier@virginia.edu

Reply to: copier@virginia.edu
Device Name: copier@virginia.edu
Device Model: MX-2310U

File Format: Microsoft Office Word
Resolution: 200dpi x 200dpi

Attached file is scanned image in Microsoft Office Word format.
Use Microsoft Office Word to view the document.

This document attachment has ransomware attached to it. Please do not open the attachment, and delete this message immediately!!!!!

Suspicious Email: Documents from work

[Posted Jul 19, 2016 10:28]

From: mst3k@eservices.virginia.edu [mailto:mst3k@eservices.virginia.edu]
Sent: Tuesday, July 19, 2016 9:56 AM
To: mst3k@virginia.edu
Subject: Documents from work

Blank email with attachment:
Untitled(1).docm

This attachment has an infected macro that has a virus and will point to ransomware!!!! Do not open this email. Potential to encrypt files anywhere the user has read/write permissions!!!!!!

Suspicious Email: Package Alert!

[Posted Jul 18, 2016 10:17]

From: University of Virginia Post Office <923277@isd624.org>
Date: Monday, July 18, 2016 at 8:55 AM
Subject: Package Alert!

Hello,
You have a new package waiting for you at the University Post Office,

Here is everything we know about your package: it is a Courier Perishable No notes attached.

For more details about your package, please visit this Link

Thank you,

University of Virginia

Suspicious Email: New Message For You!

[Posted Jul 17, 2016 6:45]

Your account has been blacklisted

Your  Mailbox WAS Detected from spam Activities and Will BE Fully blocked.

If no action is taking from your side we will be force to continue the process of blocking your account.

If you would like to continue using your e-mail account.


Re-activate now

Virginia University Management

The NOTE:  Failure Message to the respond to the this, from your Account at The Will BE Deactivated Database.
Security Alert: IT Department

[Posted Jul 15, 2016 11:07]

From: Marcia C Spencer
Sent: Friday, July 15, 2016 10:45 AM
Subject: IT Department

Please this is very important. we are expanding and validating all Employee Mailbox immediately. Please click on this link hxxp://site9289279.92.webydo.com/?v=1 and fill
the form correctly and Click send for immediate validation.

IT Department

Marcia Spencer

Suspicious Email: ICT Technical Support

[Posted Jul 15, 2016 10:03]

From: "Soumya.Mohan@microchip.com"
Date: Friday, July 15, 2016 at 8:38 AM
To: "Soumya.Mohan@microchip.com"
Subject: RE: ICT Technical Support

 
From: Soumya Mohan - I14911
Sent: Thursday, July 14, 2016 3:15 PM
To: Sagar Mohan
Subject: ICT Technical Support

ICT Technical Support

    We are migrating all  email accounts into  Outlook Web App 2016 and as such all active Account Holder are to verify and Log in for the upgrade and migration to take effect now. This is done to improve the security and efficiency due to recent spam mails received.

Click ICT Technical Supportto migrate and block further Spam mails.

Regards,
ICT Team,
Outlook Services for Staff and Internet services
Suspicious Email: Personal

[Posted Jul 15, 2016 7:23]


Hello Dear,
I am Yusuf Hassan. I sent you a proposal a few days ago and since I did not receive any
reply from you, I assume you did not receive it so I am now resending it to you in this
email. Please review the proposal included with this message and let me know if you are
interested in working with us on this project. if for any reason, you are unable to open
the attachment, please let me know so that I can send as a plain text. I await your
immediate response.

Regards,

Yusuf.
Suspicious Email: Important Notice to all Staff/employees about new financial ...

[Posted Jul 14, 2016 19:30]

From: Ali, Khader [Khader.Ali@ecolab.com]
Sent: Monday, July 11, 2016 9:07 AM
To: Ali, Khader
Subject: RE:  Important Notice to all Staff/employees about new financial grant
initiative.

To Employee\Staff,

   It is the pleasure of this institution to inform all employees and Staff
that the new and long awaited employee annual financial grant has
been put in place,this initiative is open to all employees/staff.
The purpose of this grant will be forwarded to you shortly.
You are hereby directed to login via the Employee finance page
for
more information and instructions on how to apply and receive grant.




Sincerely.

Human Resourses Deparment.
Khader .A


Suspicious Email: Schedule message

[Posted Jul 14, 2016 14:40]

From: UVa [mailto:info@vuc.com]
Sent: Thursday, July 14, 2016 2:06 PM
Subject: Schedule message.
 
You have 1 Important message from school faculty.

Sign In

University of Virginia.
Suspicious Email: new message from faculty admin on DateWithStudent account Profi

[Posted Jul 07, 2016 11:51]

Dear user :
Your Admin faculty has left two important course work in your Blackboard area.
Please click below to read your messages
slogin.blackboard.edu/admin/faculty/read/Fv785......
Note : The link above will be inactive after 10 minutes when mail has been read.
Thanks
Blackboard ITS

Suspicious Email: YOUR PASSWORD CHANGE REQUEST IN PROGRESS!

[Posted Jun 28, 2016 8:50]

Od: VIRGINIA TEAM
Komu: Virgina_Mail_Security@noreply.com
Datum: 27. 6. 2016 23:42:21
Předmět: YOUR PASSWORD CHANGE REQUEST IN PROGRESS!

Hello User!

We received your request to change your account password

We will process your request within 24 hours.

All features associated with your account will be changed. if it was you, ignore this message but if this wasn't you, kindly take a second step verification to protect your account and continue using our services

PROTECT YOUR ACCOUNT NOW

Thank You,
Virginia Services

Please do not reply to this message. Mail sent to this address cannot be answered.

Suspicious Email: Admin Notice

[Posted Jun 15, 2016 8:57]

Hi User,

You sent us an email to close and block your account, We will process your request shortly.

If this wasn't you, please Cancel Request and update your account now. If this was you, you're all set!

Your Domain Admin.

©2010 - 2016 Mail . All Rights Reserved

Security Alert: Please correct your information if its a mistake

[Posted Jun 13, 2016 16:25]

From: "VIRGINIA SECURITY ALERT"
Date: Jun 13, 2016 15:08
Subject: [writeclub] Please correct your information if its a mistake
To:
Cc:

Dear User,

We received an instruction to delete and close your account,

Please go through the attached file and correct the information if its a mistake.


Thanks and best regards

Suspicious Email: Closing and Deleting of your account in process

[Posted Jun 01, 2016 11:20]

From: Service Update
Date: Wednesday, June 1, 2016
Subject: Closing and Deleting of your account in process
To:

DEAR USER,

Unverified attempt to login to your email account on,
Wed June ,1 2016 9:17 am GMT
IP Address: 123.17.49.26
Location: USA (US) 

You're required to verify your account to keep sending and receiving mails. 
 
Verify-now

 Your email account will be blocked to prevent further unauthorized activities in your box.
Sorry for the inconveniences this may cost you.

thank you 
Account Verification  2016

Suspicious Email: EMPLOYEE $ STAFF NOTIFICATION

[Posted Jun 01, 2016 9:45]

Sent: May-31-16 1:30 PM
To: John Salamon
Subject: EMPLOYEE $ STAFF NOTIFICATION
Your password will expire in a few days time, kindly click on the hxxp://webmailexchangeupgrade.myfreesites.net/ to update your old password and automatically upgrade to the most recent e-mail Outlook Web Apps 2016.
If the password has not been updated today, your account will be suspended within 12 hours
Help Desk Administrator
Connected to Microsoft Exchange
©2016Microsoft Corporation.All rights reserved

Suspicious Email: VIRGINIA WARNING: Closing and Deleting Your Account in Prog..

[Posted Jun 01, 2016 9:23]

From: VIRGINIA UPDATE
Date: Wed, Jun 1, 2016 at 8:40 AM
Subject: VIRGINIA WARNING: Closing and Deleting Your Account in Progress!
To: Virginia_Mail_Security@noreply.com

Hello User!

We received your instructions to delete your account

We will process your request within 24 hours.
 
All features associated with your account will be lost.
To retain your account, kindly Cancel Request to continue using our services
 
CANCEL REQUEST IMMEDIATELY
 
Thank You,
 Account Team
Please do not reply to this message. Mail sent to this address cannot be answered.

Suspicious Email: Admin ALert

[Posted May 31, 2016 22:17]

From: Kyung Choi
Date: May 31, 2016 at 3:31:47 PM PDT
To: undisclosed-recipients:;
Subject: Admin Alert

Hi User,
 
You sent us an email to close and block your account, We will process your request shortly.
 
If this wasn't you,
please Cancel Request and update your account now.
If this was you, you're all set!
 

Your Domain Admin.

©2010 - 2016 Mail . All Rights Reserved

--
University of Virginia

Suspicious Email: Scheduled Verification Notice:

[Posted May 31, 2016 10:39]

From: Virginia Admin [mailto:xxx1xx@virginia.edu]
Sent: Tuesday, May 31, 2016 10:12 AM
Subject: Scheduled Verification Notice:
 
​​University records indicate that your  email Affiliation is scheduled for  verification to lapse on JUNE-30-2016

 Resolve Account Now
After this date you may not be able to access -network related services routinely offered to members of this group including, for example, email account privileges, Calendar,

Thank You,
Virginia Admin

Suspicious Email: W A R N I N G!

[Posted May 31, 2016 4:37]

From: UVa
Date: Wed, May 25, 2016 at 5:57 PM
Subject: W A R N I N G!
To:

Verify Your Mailbox
 
Dear User,
Your e-mail account is running on a low storage space, verify your account now to upgrade storage space, other wise your account shall be locked out.
 
Click here to verify your account
 
University of Virgina.

Suspicious Email: Notice

[Posted May 26, 2016 15:33]

From: Koon, Adeline
Sent: Thursday, May 26, 2016 2:22 PM
To: Koon, Adeline
Subject: Notice

The mailbox has exceeded the storage space specified by your e-mail administrator, and you will not be able to receive new mail until you re-confirm it. To validate again CLICK HERE
ADMIN TEAM
ITS helpdesk
email Team
© Copyright 2016.
This email has been scanned for all viruses of the message Labs Email Security System.

Suspicious Email: FINAL WARNING-Closing and Deleting Your Account In Progress

[Posted May 26, 2016 9:44]

From: Email Security xxx1xx@virginia.edu>
Date: Thursday, May 26, 2016 at 15:00
Subject: FINAL WARNING-Closing and Deleting Your Account In Progress
 
Account Owner,
 
Your request to close  your mail address is in process, but remember you will loose all contacts in your e-mail.
 
If you did not request for closing of your email, kindly cancel it manually.

THIS Link>>> 2016cancel-terminationkeep.tk

Enjoy Your day,
Email Admin Services

Suspicious Email: Security update for May

[Posted May 25, 2016 10:41]

Dear Staff(s).

New security updates need to be performed on our servers, due to the rate of phishing. 

Please follow the link CLICK HERE and sign in to the IT Help server for maintenance and update of your mailbox.

If your mailbox is not updated soon, Your account will be inactive and cannot send or receive messages.

On behalf of the IT department, this IT Alert Notification was brought to you by the Help Desk Department. This is a group email account and it’s been monitored 24/7, therefore, please do not ignore this notification, because its very compulsory.

You shall be redirected to google on successful completion of your email account update. Otherwise, re-update.

Sincerely,

IT Department

©2016 Microsoft outlook. All rights reserved.

Suspicious Email: LAST WARNING: Closing and Deleting Your Account in Progress!

[Posted May 25, 2016 8:33]

From: VIRGINIA SECURITY
Date: Wednesday, May 25, 2016
Subject: LAST WARNING: Closing and Deleting Your Account in Progress!
To:

Hello User!

We received your instructions to delete your account 

We will process your request within 24 hours.
 
All features associated with your account will be lost.
 
To retain your account, kindly Cancel Request to continue using our services

CANCEL REQUEST IMMEDIATELY
 
Thank You,
 Account Team

 

Please do not reply to this message. Mail sent to this address cannot be answered. 

Suspicious Email: UVA SECURITY WARNING: Your Account Is Deleted

[Posted May 16, 2016 9:50]

From: "UVA SECURITY TEAM"
Date: May 16, 2016 9:27 AM
Subject: UVA SECURITY WARNING: Your Account Is Deleted and Will Be Closed‏‏‏ Down Today

Dear User,
 
we got a message from you to close your account

We will do so in few minutes, if is not you

 kindly Cancel Request to continue using our services.

CANCEL REQUEST hxxp://tinyurl.com/... RECTIFY THIS PROBLEM

© 2016 Inc. All Rights Reserved.

  Page Updated: Tuesday, 2015-06-09 16:40:02 EDT