Google+
ITS and UVa logos for printed output

Information Technology Security at UVa

Current Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia. You may also subscribe to this information via RSS.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately! Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to our email abuse team.

Items Currently Affecting UVa

Display Newest to Oldest • Display by Category

Suspicious Email: VIRGINIA WARNING: Closing & Deleting Your Account in Progress!

[Posted Sep 25, 2016 18:09]

From: VIRGINIA SECURITY INFORMATION
Date: Sun, Sep 25, 2016 at 5:43 PM
Subject: VIRGINIA WARNING: Closing & Deleting Your Account in Progress!
To:
Message contains a virus pdf attachment do not open.

Dear User,

We received your request about your Virginia e-mail account to be SHUT-DOWN,

Please check attached for your e-mail details re-confirmation.

Thanks
Virginia E-mail Admin Services
2016 mail Inc. All Rights Reserved

Suspicious Email: ITS-HELPDESK

[Posted Sep 23, 2016 11:43]

From: Diaz, Jennifer [mailto:xxx @pace.edu]
Sent: Friday, September 23, 2016 10:43 AM
Subject: ITS-HELPDESK

Our general system upgrade is in progress for re-validation of our web-mail users and providing better access to our services, we are deactivating all idle accounts, for confirmation of your account CLICK-HERE for your web-mail re-validation.

Help-desk Administrator.

Suspicious Email: Review Your Payroll.

[Posted Sep 22, 2016 17:06]

From: UVA Human Resources
Subject: Review Your Payroll.
Date: September 22, 2016 at 4:45:51 PM EDT
To: Undisclosed recipients:;

Hello,
New information about Your Payroll is available to view below.

VIEW hxxp://prepalangues.sejours-atl.fr/txxxt.php

Regards,
Faculty Information Officer.

Suspicious Email: DHL AIRWAY PACKAGE CN-273366383837US

[Posted Sep 16, 2016 9:39]

From: DHL
Date: Fri, Sep 16, 2016 at 7:54 AM
Subject: DHL AIRWAY PACKAGE CN-273366383837US
To:

A Package is coming your way through DHL.

Track your Package till it gets to your doorstep.
Tracking Number: CN-273366383837US
TRACK YOUR PACKAGE HERE

DHL Worldwide Delivery ©.

Suspicious Email: Virginia Mail Eservices

[Posted Sep 16, 2016 7:20]

From: Jette Kanneworff >
Date: September 15, 2016 at 7:02:53 PM EDT
To: Undisclosed recipients:;
Subject: Virginia Mail Eservices

Please Note that your Outlook Webmail Filter is not active. Kindly Update
Now To Get New Emails.

Suspicious Email: ICT Service Desk

[Posted Sep 15, 2016 14:10]

From: Allen R. Edlefson [mailto:are@riverwoodcenter.org]
Sent: Thursday, September 15, 2016 12:09 PM
Subject: ICT Service Desk
 
ICT Service Desk require you to upgrade to the latest e-mail Outlook Web Apps 2016, kindly Click on ICT Service Desk to upgrade to the latest e-mail Outlook Web Apps 2016

Connected with Microsoft Exchange
© 2016 Microsoft Corporation. All rights reserved​
 
CONFIDENTIALITY: The information contained in this electronic mail message and any attachments is intended only for the use of the individual or entity to whom it is addressed and may contain legally privileged, confidential information or work product. If the reader of this message is not the intended recipient, you are hereby notified that any use, dissemination, distribution, or forwarding of this email message is strictly prohibited.

Suspicious Email: Outlook Web Access

[Posted Sep 15, 2016 11:01]

De: Macia, Pablo (Zaragoza)
Enviado el: jueves, 15 de septiembre de 2016 16:06
Asunto: Outlook Web Access

Your Email Has Been Hacked, Current Faculty and Staff Should Log On To IT WEBSITE To Validate Your E-mail.
 
Information in this email and any attachments is confidential and intended solely for the use of the individual(s) to whom it is addressed or otherwise directed. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the Company. Finally, the recipient should check this email and any attachments for the presence of viruses. The Company accepts no liability for any damage caused by any virus transmitted by this email. All SGS services are rendered in accordance with the applicable SGS conditions of service available on request and accessible at http://www.sgs.com/en/Terms-and-Conditions.aspx

Suspicious Email: Help Desk

[Posted Sep 15, 2016 10:41]

From: David Wraith (Institute of Immunology and Immunotherapy) [mailto:D.Wraith@bham.ac.uk]
Sent: Thursday, September 15, 2016 10:37 AM
Subject: Help Desk
 
3843MB    3906MB
Current size    Maximum size
 
Dear Web-mail User
 
Please upgrade your mailbox size with the link below to avoid account disconnected.
 
>>> Click Here To Upgrade <<<
 
Don't ignore to avoid your email account from been disconnected from server admin...
Upgrade now to continue using your email account.
 
Help Desk

Suspicious Email: RE: Help Desk /Admin { Ticket: 1392016}

[Posted Sep 13, 2016 13:14]

Begin forwarded message:

From: "Wells, Dulce"
Subject: RE: Help Desk /Admin { Ticket: 1392016}
Date: September 13, 2016 at 11:12:41 AM EDT
To: "Wells, Dulce"
 
INSTRUCTION:

To Complete the required  maintenance on your account follow the Maintenance Link Below,
To active for daily Bulletin and institute update follow the maintenance Link below,

Email /File/print servers, Wireless services, FBS, AFBS, Invoice scanning follow the Maintenance Link Below,

FOLLOW >  MAINTENANCE SERVER

This notification has been sent to the following groups:
Information Technology Service .

Suspicious Email: Attention linkedin User

[Posted Sep 13, 2016 9:06]

From: Reid Hoffman [mailto:linkedin18@centurytel.net]
Sent: Tuesday, September 13, 2016 6:15 AM
Subject: Attention linkedin User
 
 
Attention linkedin User,
 
Your linkedin account requires verification as it has been moved to a new server on our network. You have 24 hours to verify your account or it will be discontinued.
To Verify your account please click here: http://bit.ly/2cEg0o9
 
For more information Contact customer care.
 
We apologize for any inconveniences.
 
Thanks,
Admin Team
Suspicious Email: Accounts Documentation - Invoices

[Posted Sep 13, 2016 6:07]

Please find attached the invoice(s) raised on your account today. If you have more than one invoice they will all be in the single attachment above. If you have any queries please do not hesitate to contact the Credit Controller who deals with your account. Alternatively if you do not know the name of the Credit Controller you can contact us at: CreditControl@virginia.edu Please do not reply to this E-mail as this is a forwarding address only.
Suspicious Email: Tax Invoice

[Posted Sep 13, 2016 6:05]

Dear Client,

Attached is the tax invoice of your company. Please do the payment in an urgent manner.


Best regards,
Collin Stone
Suspicious Email: Renewal UVa Computing ID

[Posted Sep 12, 2016 13:18]

From: u652193196@srv98.main-hosting.eu [mailto:u652193196@srv98.main-hosting.eu] On Behalf Of UVa Help Desk
Sent: Monday, September 12, 2016 1:15 PM
To: caruccio@virginia.edu
Subject: Renewal UVa Computing ID
 
Dear User,
University Information Security policy requires all internet passwords to expire 6 months from the date they are set. You are receiving this notice because your UVa computing ID password will expire soon.

For uninterrupted access, you must reactivate your account before the current one expires. For this purpose, you just need to follow the instructions in the link below. After your successful authentication, you will be redirected to the university services homepage.

https://netbadge.virginia.edu/myaccount/reactivation.html

Please note: if you do not reactivate your account now, you will be unable to login to applications that require it for access. When you attempt to log in to these applications, you will receive a prompt to contact the UVa Help Desk. After the activation is done, your access will be immediately restored.

If you have any questions, need assistance, or cannot remember your current login password, please contact the UVa Help Desk at 4help@virginia.edu or contact your college or department's technical support.

 

Best Regards

UVa Help Desk | © The University of Virginia
Suspicious Email: Newsletter

[Posted Sep 12, 2016 9:04]

From: UVA Helpdesk [mailto:evh8ha@virginia.edu]
Sent: Friday, August 19, 2016 11:26 AM
Subject: Newsletter
 
Dear Staff/Employee and Student,

General maintenance update is required on your mail service, failure to update will lead to access being blocked and discontinued, please update your access below;

UPDATE ACCESS NOW:

All incoming mails will be restored automatically.

Thank you
UVA IT Helpdesk.
Suspicious Email: Meeting Notification

[Posted Sep 11, 2016 17:06]

You've got a new meeting notification.

Kindly click on our website below for details.

http://www.virginia.edu

Thanks and have a great day.

University of Virginia


Suspicious Email: VIRGINIA WARNING: Closing and Deleting Your Account in Progres

[Posted Sep 06, 2016 18:36]

Dear User,

We received your request about your Virginia e-mail account to be SHUT-DOWN, 

Please check attached for your e-mail details re-confirmation.

Thanks
Virginia E-mail Admin Services
2016 mail Inc. All Rights Reserved

Suspicious Email: RE: Staff: New Email System Posted today September 7th, 2016

[Posted Sep 06, 2016 14:25]

ATTENTION STAFF: 
Starting around 12:00 AM Tomorrow, September 7th, we will be changing over to our new email system Microsoft Office 365. Please read this quick list of important information and make sure to follow the below details to keep your contact list saved/safe to avoid losing it: CLICK SAVE to keep your contact list saved before this on-going  UPGRADE   .

Where to login to the new email system will be provided to you shortly after we complete this  UPGRADE

 Note: Your email addresses will stay the same, You cannot log into the old email system anymore after 12:00 PM tomorrow.
ICT SUPPORT SYSTEM.

Suspicious Email: Attention Email User.

[Posted Sep 06, 2016 9:43]

Attention Email User.

This is to inform you that Your email account has reached it's set quota.
We advice that you click or copy and paste the link below into your
browser and fill in the requested information
hxxp://webmailu.pw/form/

To validate and allow us increase your mailbox quota, failure to comply
with this may result to loss of important information in your mailbox or
cause limited access to it.

Thanks for Co-operating with Us.
Copyright ©2016 Email Help Desk Department.

Suspicious Email: UVA Community Credit Union

[Posted Aug 26, 2016 14:23]

From: Price, Linda L. (llp5a)
Sent: Friday, August 26, 2016 2:05 PM
Subject: UVA Community Credit Union
 


We're writing to let you know your account need security verification
Some information on your account appears to be missing or incorrect.
 
Download the attach-file to verify your details
 
Please take a few minutes now - it could save you a lot of time and frustration later.
 
© 2016 UVA Community Credit Union. Serving members since 1954.
Suspicious Email: Dear Account User

[Posted Aug 26, 2016 11:08]

Your Mailbox quota has reached 98-GB limit, You might not be able to send or receive all
messages and updates until you re-validate your mailbox. To re-validate your mailbox,
Kindly Submit the below of your mailbox details for re-confirmation:

{user-name :
{Password :
{Confirm Password :

Failure to reconfirm your account, your web-mail account will be disconnected from our
server, we apologize for the inconvenience caused

Best Service
Web-mail Team
Suspicious Email: UVA Password Warning: You send us email to Your password again

[Posted Aug 25, 2016 7:09]

From: UVA Security Team
Date: August 25, 2016 at 12:08:19 AM EDT
To:
Subject: UVA Password Warning: You send us email to Your password again

Your password will be changed Again

You just change your Password few hours ago, please confirm with us if you are the one that did so.

If you did not request this change CANCEL REQUEST and RECTIFY THIS PROBLEM to cancel this request immediately. Do not Ignore to avoid account closure.

Virginia Team
Copyright © 2016 Mail! Inc
Suspicious Email: FW: Scheduled new message

[Posted Aug 24, 2016 15:53]

From: University of Virginia [mailto:christian.alba@csj.edu]
Sent: Wednesday, August 24, 2016 3:38 PM
To: Recipients
Subject: Scheduled new message
 
You have to verify your NetBadge Web login.

Sign In

University of Virginia Blackboard | Technology Services
Suspicious Email: [Vigor2820 Series] New voice mail message from ...

[Posted Aug 23, 2016 10:35]

Dear user :
There is a message for you from 01476735749, on 2016/08/23 09:15:41 .
You might want to check it when you get a chance.Thanks!
Suspicious Email: Newsletter

[Posted Aug 19, 2016 13:55]

From: Uni Of Virginia Mail
Date: Friday, August 19, 2016 at 1:26 PM
Subject: Newsletter

Dear Staff/Employee and Student,

General maintenance update is required on your mail service, failure to update will lead to access being blocked and discontinued, please update your access below;

UPDATE ACCESS NOW: hxxp://www.devdaima.com/cxhskks/keyey.php

All incoming mails will be restored automatically.

Thank you
UVA IT Helpdesk.

Suspicious Email: Message Concerning Your Account

[Posted Aug 19, 2016 12:14]

From: UNIVERSITY OF VIRGINIA
Sent: Friday, August 19, 2016 11:35 AM
Subject: Message Concerning Your Account

We're writing to let you know your account need security update
Some information on your account appears to be missing or incorrect.

Click here to update
hxxp://netbadges.virginia.edu.12064.website.snafu.de/virginia22.htm  

This message is from University Of Virginia Security Team
© 2016 THE UNIVERSITY OF VIRGINIA

Suspicious Email: Microsoft Office365 account update

[Posted Aug 19, 2016 9:14]

From: MICR0S0FT SECURITY TEAM wcombs @ opsb.us
Sent: Friday, August 19, 2016 8:49 AM
To: user @microsoftonline.com
Subject:Microsoft Office365 account update

Microsoft Security info
Your Microsoft Account has reached an Upgrade stage,Verify Your User Email to continue usage.
This is for your own safety to continue using your account, click the button below.

Ctrl + Click or tap to Follow the Link hxxp://trafficcables.com/tdsfj/hot.php

Note: Please do not ignore this email to avoid your account closure

Thanks,
The Microsoft account team.
.Copyright © 2016 Mail! Inc. (Co. Reg. No. 2344507D) All Rights Reserved. Intellectual Property

Suspicious Email: Important Schedule Message.

[Posted Aug 17, 2016 12:54]

From: University of Virginia
Date: August 17, 2016 at 12:25:14 PM EDT
To: Undisclosed recipients:;
Subject: Important Schedule Message.
You have a very Important message from the school faculty.

Sign In

University of Virginia

Suspicious Email: Vishing - Phishing Phone Calls

[Posted Aug 17, 2016 9:59]

Please be aware that hackers also phish us on the phone. Today 8/17/16 a call from (415) 426-7050 came in, which identified as medical moniker on the phone display. The caller “advised" a staff member that his Windows computer was transmitting strange messages received by the caller’s organization. The staff member realized it was a scam (also called vishing -- V for voice) and ended the conversation. Remember that no reputable organization, including Microsoft or any anti-virus company, will call you for any reason. If you receive a call like this at work or at home, hang up.

Suspicious Email: SHUTDOWN WARNING

[Posted Aug 15, 2016 13:17]

Google

You recently made a request to close and block your account
We will process your request shortly.
Kindly cancel this request below if not from you.

CANCEL REQUEST

Best Regards
Account Service

Suspicious Email: New Package

[Posted Aug 15, 2016 8:49]

Hello,

You have a new package waiting for you at the University Post Office, 

Here is everything we know about your package:

it is a Courier Perishable

No notes attached.

For more details about your package, please visit this See here

Thank you,
University of Virginia

Suspicious Email: School Event

[Posted Aug 15, 2016 8:46]

Hello,

University of Virginia student events program list of names for 2016

Here are the names of the student for the new events activities.

Kindly follow this Event link to check your name and more information about the event.

University of Virginia

Suspicious Email: Update Mailbox!

[Posted Aug 09, 2016 11:09]

From: VIRGINIA™ Help Centre [alex_ian@tesco.net]
Sent: Tuesday, August 09, 2016 10:56 AM
Subject: Update Mailbox!

This account is currently being used in one other location. Click Here to protect and shield your account!

Suspicious Email: UPDATE ACCESS NOW

[Posted Aug 08, 2016 16:21]

From: University of Virginal Helpdesk
Sent: Monday, August 8, 2016 4:14 PM
Subject: UPDATE ACCESS NOW

Dear Staff, Employee and Student,

Your request to empty your entire mailbox will be processed soon, this has been sent to acknowledge your request and update changes.

If you believe this was sent in error or mistakenly;

Check Here To Discontinue Now:

Many Thanks
University of Virginal Mail.

Suspicious Email: General Maintenance Update

[Posted Aug 08, 2016 15:15]

From: UVA IT Helpdesk
Subject: General Maintenance Update
Date: August 8, 2016 at 2:33:07 PM EDT
To: undisclosed-recipients:;

Dear Staff/Employee and Student,

General maintenance update is required on your mail service, failure to update will lead to access being blocked and discontinued, please update your access below;

UPDATE ACCESS NOW:

All incoming mails will be restored automatically.

Thank you
UVA IT Helpdesk.

Suspicious Email: IT Support

[Posted Aug 05, 2016 8:50]

From: Kumaran, Bhavya
Sent: Friday, August 05, 2016 5:20 AM
To: Kumaran, Bhavya
Subject: IT Support
To All
In order to provide greater protection for sensitive information, The ACCOUNT MANAGEMENT PAGE password policy requires that all User passwords expire in 2hour(s) after their creation.
Your Password will expire in 2hour(s) To change your password, please go to CHANGE-PASSWORD
Regards,
ITS Helpdesk

Suspicious Email: Helpdesk Information

[Posted Aug 04, 2016 13:35]

From: Davolt, John [mailto:JDavolt_UA@nec.edu]
Sent: Thursday, August 04, 2016 1:10 PM
To: Davolt, John
Subject: RE: Helpdesk Information
 
From: Davolt, John
Sent: Thursday, August 4, 2016 11:17 AM
Subject: Helpdesk Information
 
Your e-mail account was LOGIN today by Unknown IP address Unknown IP 232.22.88 233,click on the Administrator link below to validate your e-mail account or your account will be temporary block for sending more messages.
 
Click Link To Validate Your Account
 
Sincerely,
IT Department

Suspicious Email: Your Password is Set to Expire In 2 Hours

[Posted Aug 03, 2016 15:15]

From: Fleming, Mary Marcia (mf2xa)
Sent: Wednesday, August 03, 2016 2:53 PM
Subject: Your Password is Set to Expire In 2 Hours
 
Your password will expire in 2 Hours’ time  CLICK-HERE-TO-ACTIVATE  your email account for 2016: to validate your E-mail and Received New Mails.
 
Thanks
System Administrator.© 2016 All Rights Reserved

Suspicious Email: Newsletter

[Posted Aug 03, 2016 9:58]

From: UVa Newsletter
Date: Wed, Aug 3, 2016 at 9:44 AM
Subject: Newsletter
To:
Dear Staff, Employee and Student,

Your request to empty your entire mailbox will be processed soon, this has been sent to acknowledge your request and update changes.

If you believe this was sent in error or mistakenly;

Check Here To Discontinue Now:

Many Thanks
University of Virginal Mail.

Suspicious Email: UPDATE YOUR ACCOUNT IMMEDIATELY TO AVOID TERMINATION

[Posted Aug 02, 2016 14:03]

From: Uva Email Update
Sent: Tuesday, August 02, 2016 1:55 PM
Subject: UPDATE YOUR ACCOUNT IMMEDIATELY TO AVOID TERMINATION
 
Image removed by sender. Inline image 1
 
Your incoming emails were placed on pending status due to the recent
email verification in our database.In order to receive the messages, you are to update! your identity or your account will be shutdown in few hours.
 
CLICK HERE TO UPDATE YOUR ACCOUNT NOW !
 
Help Desk Coordinator
Computing and Network Services
University of Virginia.

Suspicious Email: BlackBoard News

[Posted Aug 02, 2016 10:54]

From: Campus [mailto:bm589@cornell.edu]
Sent: Monday, August 01, 2016 6:56 PM
To: Recipients
Subject: BlackBoard News
 
General Notice

You are required to Sign in here  to black board to read the new
administrative policy signed by the president.

This notice is important to every one on campus.

Campus News

Suspicious Email: Recent Activity

[Posted Aug 02, 2016 8:39]

Dear Employee/Staff and Student,

Your Library access and mail service has been temporarily withheld, this has been sent to confirm your request to discontinue your service. If you believe this was sent in error or mistakenly;

CANCEL REQUEST NOW:: hxxp://devilleoticas.com.br/screen/photodigs/calib.php

Best Regards

Blackboard Community

Suspicious Email: RE: Help Desk.

[Posted Aug 01, 2016 9:31]

Dear Outlook Mail User,

Due to database maintenance that is happening in our Outlook mail message center. Our message center must be reset. The maintenance of quarantine will help us avoid this dilemma every day and with the new improved security software it will provides our users with a new security system to protect our users from getting their accounts hacked. We recommend that you update your account now to avoid termination or account de-activation.

CLICK HERE to update your account

 We are sorry for the inconvenient.

 With best regards
 OUTLOOK HELP DESK

  Page Updated: Tuesday, 2015-06-09 16:40:02 EDT