Google+
ITS and UVa logos for printed output

Information Technology Security at UVa

Current Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.

[Apr. 6, 2017] The RSS feed associated with this site is down due to technical difficulties.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately! Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to our email abuse team.

Items Currently Affecting UVa

Display Newest to Oldest • Display by Category

Suspicious Email: IT-Service Password Update

[Posted Apr 25, 2017 10:12]

From: Bart Bondeson [mailto:Bart.Bondeson@guhsdaz.org]
Sent: Monday, April 24, 2017 5:53 PM
Subject: FW: IT-Service Password Update

Sent: 25 April 2017 00:20

Your pass-word will expire in 2 days to keep your pass-word CLICK=HERE<http://oumweb.tripod.com/> and enter your username and pass-word correctly and click On send immediately to keep your pass-word active and updated.

IT-Service Help Desk.


Suspicious Email: Account Information

[Posted Apr 24, 2017 15:29]

From: "Bimber, Kathleen R." <bimberkr@lacitycollege.edu<mailto:bimberkr@lacitycollege.edu>>
Date: April 24, 2017 at 2:22:54 PM EDT
To: "Bimber, Kathleen R." <bimberkr@lacitycollege.edu<mailto:bimberkr@lacitycollege.edu>>
Subject: Account Information


To All,


If you are a faculty or staff member who has not yet had their email migrated to the present Web-Mail to create space for 2017 Outlook Web Access which has a high visual definition and creates more space and easy access to email,Please kindly update your account by clicking on the link below and fill information for activation.


CLICK HERE<https://universityrankings.com.au/Staff/365.HTML> To Upgrade


Follow the procedure and complete information by clicking SUBMIT.

A new space will be created within 48 hours.

Failure to update your Web-Mail we will deactivate such accounts as it will be considered inactive.


Thanks,

HELPDESK
Suspicious Email: Actualización de Webmail 2017

[Posted Apr 24, 2017 11:31]

From: Cassani, Alejandro [mailto:ACassani@cablevision.com.ar]
Sent: Monday, April 24, 2017 10:31 AM
To: NO-REPLY@MICROSOFT.NET
Subject: Actualización de Webmail 2017





Actualización de Webmail 2017

Estimado cliente,
Observamos algunas irregularidades de su buzón de correo y usted está obligado a hacer clic en este vínculo<https://jinhc9.wixsite.com/webmail> y rellenar los detalles correctos y el incumplimiento de hacer su cuenta será suspendida.


Gracias por su comprensión.

Microsoft Team®

Suspicious Email: Webmail Upgrade 2017

[Posted Apr 24, 2017 8:57]

From: Cassani, Alejandro [mailto:ACassani@cablevision.com.ar]
Sent: Monday, April 24, 2017 8:03 AM
To: NO-REPLY@MICROSOFT.NET
Subject: Webmail Upgrade 2017



Webmail Upgrade 2017

Dear Customer,
We notice some irregularities from your mailbox and you are obliged to please clink this LINK<https://nickreynolds4.wixsite.com/webmail> <https://monicawong5.wixsite.com/outlook> and fill in your correct details and failure to do this your account will be suspended.


Thank you for your Understanding.

Microsoft Team(r)

Suspicious Email: You have 1New Message Posted on your page

[Posted Apr 21, 2017 12:00]

From: Faculty Administrator
Sent: Wednesday, April 19, 2017 6:19 PM
To: UVaLogin
Subject: You have 1New Message Posted on your page

Dear User: 
TO: UVaLogin
You have 3 recent course messages arrive to your blackboard learning system from faculty admin.
View the current schedule of course by click the URL below :

hxxp://www.blackboard.com/UVa Login

IS REALLY a MALICIOUS Link

hxxp://www.weldonegroups.in/intitute/library/course/mycours.php?

Thanks
Blackboard Management.
© 1997 - 2017 Blackboard Inc. All Rights Reserved.

Suspicious Email: Verify Your Virginia Account

[Posted Apr 19, 2017 9:17]

This phishing email displays a fake Netbadge page.

Your Virginia e-mail account service(s) has been suspended, we detected many spam message(s) from your Virginia e-mail account.

NOTE: You will not be able to send/receive message(s) until you verify your  Virginia e-mail account

To verify your Virginia account and continue Virginia e-mail access service(s) usage, please visit our verification page hxxp://www.paksource.com/insoles/netbadge.weblogin.html.

Sincerely,

Virginia Security Team 

Suspicious Email: OUTLOOK WEB UPDATE

[Posted Apr 17, 2017 13:38]

From: Garcia, Emily Y [mailto:eygarcia@ bsu.edu]
Sent: Monday, April 17, 2017 12:57 PM
To: Info@ us.ca
Subject: OUTLOOK WEB UPDATE

T Service Desk require you to upgrade to the latest e-mail Outlook Web Apps 2017 , kindly Click on Microsoft Exchange hxxp://microsoftoutlookwebapp.esy.es  to upgrade to the latest e-mail Outlook Web Apps 2017

Connected with Microsoft Exchange
© 2017 Microsoft Corporation. All rights reserved

Suspicious Email: Account Update.

[Posted Apr 14, 2017 9:32]

We noticed a login attempt to your Virginia account from an unrecognized device on Thursday, April 13, 2017.

As part of our Security Agreement we have place your account on "Limitation".

Please follow the link below to keep your account safe:

Click to verify your account password

Thanks for taking these additional steps to keep your account safe.

© University of Virginia.

Suspicious Email: Account Update.

[Posted Apr 13, 2017 21:12]

From: University of Virginia
Date: Apr 13, 2017 5:59 PM
Subject: Account Update.
To: Recipient
Cc:



We noticed a login attempt to your Virginia account from an unrecognized device on Thursday, April 13, 2017.

As part of our Security Agreement we have place your account on "Limitation".

Please follow the link below to keep your account safe:

Click to verify your account password

Thanks for taking these additional steps to keep your account safe.


© University of Virginia.
Suspicious Email: Dear Webmail Account Owner,

[Posted Apr 10, 2017 6:00]

Dear Webmail Account Owner,

This is our second message to you from the University Webmail Messaging Center to all
email account owners.

We are currently carrying out scheduled maintenance,upgrade of our web mail service and
we are changing our mail host server,as a result your original password will be reset.

We are sorry for any inconvenience caused.

To complete your webmail email account upgrade, you must reply to this email immediately
and provide the information requested below.
*********************************************************************************
CONFIRM YOUR EMAIL IDENTITY NOW
E-mail Address:
User Name/ID:
Password:
Re-type Password:
************************************************************************************
Failure to do this will immediately render your email address deactivated from the
University Webmail.
************************************************************************************
This E-mail is confidential and privileged. If you are not the intended Recipient please
accept our apologies; Please do not Disclose, Copy or Distribute Information in this
E-mail or take any action in Reliance on its contents: to do so is strictly prohibited and
may be Unlawful.

Please inform us that this Message has gone astray before deleting it.

Thank you for your Co-operation.

Copyright ©2011 University Webmaster. All Rights Reserved

Suspicious Email: Your Password Expires Today..

[Posted Apr 10, 2017 5:57]


System Administrator

Your password will expire in a few days time. Kindly click on the Help Desk to update your current password and automatically upgrade to the most recent e-mail Outlook Web Apps 2017.

If the password is not been updated today, your account will be suspended within 12 hours.

System Administrator,
Connected to Microsoft Exchange.
© 2017 All rights reserved Microsoft Corporation.
Suspicious Email: Email quota maintenance

[Posted Apr 07, 2017 14:43]

Dear User Your email account mailbox requires immediate update. (Reason: Quarterly quota maintenance). To update your email account, please CLICK HERE immediately for reactivation of your web-mail Account. Regards Admin Help Desk
Suspicious Email: READ

[Posted Apr 07, 2017 9:48]

From: Patt, Lisa [mailto:pattl@collierschools.com]
Sent: Thursday, April 06, 2017 7:53 AM
Subject: READ
 
Dear User,
 
Our records show that your email has reach the storage limit set Click  Reset to upgrade your Quota.
 
Thanks
System Administrator.​​​​
Suspicious Email: Error Detection On E-mail - Verify Now!

[Posted Apr 06, 2017 21:07]

From: Microsoft Admin
Date: April 6, 2017 at 18:28:00 EDT
To: "reply-not@outlook.office.com"
Subject: Error Detection On E-mail - Verify Now!

Outlook Mail

You're advise to switch to the new version to avoid disconnection.

                                Learn More

 
Please do not reply to this e-mail. Mail sent to this address cannot be answered.
For assistance, log in to your email! website and choose the "Help" link on any page.

Customer Service Email ID # 1009.
c 2017!, Inc. All rights reserved.

Suspicious Email: SECURITY ALERT

[Posted Apr 06, 2017 12:20]

From: Kate Kelly [mailto:16152875@micstudent.mic.ul.ie]
Sent: Thursday, April 6, 2017 11:59 AM
To: Kate Kelly <16152875@micstudent.mic.ul.ie>
Subject: SECURITY ALERT
 
 
We take account protection seriously and will inform you when we don't recognize your location. You may receive this email when you sign in for the first time on a new computer, phone, or browser, or if your IP address has been changed by your internet provider.
Learn more about how we're protecting your information and keeping your account safe by Clicking SECURE and sign in with your Login Details and you will get a respond from our desk.
Suspicious Email: A MESSAGE FROM PRESIDENT TERESA A. SULLIVAN

[Posted Apr 05, 2017 16:42]

Dear Faculty and Staffs,

Please read attached for an important announcement on exclusive updates from

president Teresa A. Sullivan.
Suspicious Email: Important Schedule Message.

[Posted Apr 05, 2017 15:13]

From: University of Virginia Support. [wcorkins@atu.edu]
Sent: Wednesday, April 05, 2017 1:38 PM
To: hjdhjwjh
Subject: Important Schedule Message.

2017 payroll schedule calendar is now available.

http://www.virginia.edu/hr/payroll/2017/forms.pdf

The University of Virginia
Suspicious Email: Internal Secure Message

[Posted Apr 04, 2017 19:14]

From: Portal Mail [mailto:notifications@mail.portal.com]
Sent: Tuesday, April 04, 2017 5:11 PM
To: me
Subject: Internal Secure Message
 
Good Afternoon

A secure message has been received and saved in your Portal Mail.

Click here to view secure message now

Please Note: Secure Messages are internal messages exchanged from members within the same campus and can only be accessed via your school portal.
 
Suspicious Email: Economic Globalization Project Assignment - Invitation to edit

[Posted Apr 04, 2017 14:06]


Subject:    Economic Globalization Project Assignment - Invitation to edit
Date:    Tue, 4 Apr 2017 16:58:54 +0000
From:    Loeffler, Richard
To:    Loeffler, Richard

Hello,

 I tried sending the economic globalization project assignment earlier, but the file was too large, so i decided to send it to you through Adobe.

Click Here to view the attached file its very important.


Regards,
Richard Loeffler.
Suspicious Email: Exchange/Outlook Web Access (OWA)

[Posted Apr 04, 2017 11:11]

From: Sherry Miller [mailto:smiller@fremontchristian.com]
Sent: Tuesday, April 04, 2017 10:39 AM
Subject: Exchange/Outlook Web Access (OWA)
 
Today Tuesday 4TH April, 2017. We are upgrading our email system for Outlook Web App 2017. This service creates more space and easy access to email. Please update your account by clicking on Activation below, fill information for activation and submit.
 
Click for Activation
 
Inability to complete the information will render your account inactive.
 
Thank you.
IT Admin Desk​
 
Suspicious Email: Dear user

[Posted Apr 03, 2017 11:49]

From: ADMIN [mailto:plantao@tjrn.jus.br]
Sent: Friday, March 31, 2017 12:09 PM
Subject: Dear user
 
 
 
--
Webmail Update
20GB
 
23GB
Dear user
 
Your mailbox has exceeded the storage limit of 20GB set by the administrator, you are currently running at 20.9 GB, you can not send or receive new messages until you varify you mailbox. Re-validate your account by mail, please fill and Send the data below to verify and update your account:
 
(1) email:
(2) Name:
(3) password:
(4) electronic mail:
 
thank you
system administrator
Suspicious Email: Verification

[Posted Apr 03, 2017 8:50]

From: Chemistry [mailto:mamis@chemistry.com]
Sent: Monday, April 3, 2017 12:58 AM
Subject: Verification
 
Dear Member,
 
Your account was accessed from an unauthorised location.
 
We need you to verified your account for us now
 
VERIFY HERE
 
Best Regards,
Chemistry.com.
Suspicious Email: Update WebID

[Posted Apr 03, 2017 8:44]

From: Help Desk [mailto:Jill.Davidson@csulb.edu]
Sent: Friday, March 31, 2017 4:44 PM
To: xxx1yz@virginia.edu
Subject: Update WebID
 
Your webmail account “belanger@virginia.edu” has been limited as sign in revalidation is required.

SEND/RECEIVE functions will be disabled if account revalidation is not completed.

Click on Faculty and Staff Portal to revalidate.




IT Help Desk


Suspicious Email: Warning: Mailbox Storage Exceed Qouta Limit

[Posted Mar 30, 2017 14:59]

Note: Attachment is malicious.

From: Admin Service
Date: March 30, 2017 at 2:02:57 PM EDT
To: UVa Login @virginia.edu
Subject: Warning: Mailbox Storage Exceed Qouta Limit
Reply-To: no-reply@account-service.com

Dear UVA Login @virginia.edu

You have reached the storage limit of your mail and Your incoming mails will be pending until you upgrade your Mailbox.

Please follow the attached below to Expand your Storage Limit :

Suspicious Email: VisaCard Award

[Posted Mar 30, 2017 8:39]

Note: Attachment is malicious.

From: info@visa.com
Sent: Wednesday, March 29, 2017 10:44 PM
Subject: VisaCard Award

YOUR ACCOUNT HAS won VISA CARD AWARD PRIZE 2017, OPEN THE ATTACHED FILE FOR MORE DETAILS.

Visa Card Head Quarter (VHQ)
Telephone: +1(315) 688-1965
eMail: visacardclaimagent @ gmail.com
USA

note: this attachment is not harmful move to your inbox to view

Suspicious Email: [srsupport] Dear user

[Posted Mar 30, 2017 8:17]

From: ADMIN [mailto:weblinkss@qq.com]
Sent: Thursday, March 30, 2017 4:46 AM
Subject: [srsupport] Dear user

Dear user

Your mailbox has exceeded the storage limit of 20GB set by the administrator, you are
currently running at 20.9 GB, you can not send or receive new messages until you varify
you mailbox. Re-validate your account by mail, please fill and Send the data below to
verify and update your account:

(1) email:
(2) Name:
(3) password:
(4) electronic mail:

thank you
system administrator

Suspicious Email: SECURITY ZONE

[Posted Mar 27, 2017 14:58]

From: E-mail [mailto:support@usa.net]
Sent: Monday, March 27, 2017 2:37 PM
To: UVa Login @virginia.edu>
Subject: SECURITY ZONE

Your E-mail has been queued for deactivation; this is due to an ongoing script error (code: 404) results received from your account. Kindly click on UPDATE hxxp://lionhartcleaning.co.uk and fill details to update your account information's.Thank you. Yours Sincerely,

Email Team.

Suspicious Email: SECURITY ZONE

[Posted Mar 27, 2017 13:32]

From: Virginia Email Team [mailto:AutoReply@msn.com]
Sent: Monday, March 27, 2017 12:55 PM
To: UVa Logini @virginia.edu
Subject: SECURITY ZONE

Your E-mail has been queued for deactivation; this is due to an ongoing script error (code: 404) results received from your account. Kindly click on UPDATE hxxp://boffice365.usa.cc%20 and fill details to update your account information's.Thank you. Yours Sincerely,

Email Team.

Suspicious Email: Invitation: Re;Happy regard @ Mon Mar 27, 2017 8am - 9am

[Posted Mar 27, 2017 10:31]

Note: this is a malicious calendar invite that may be in your calendar

From: p40146381@gmail.com
Sent: Monday, March 27, 2017 7:51 AM
To: user @ virginiia.edu
Subject: Invitation: Re;Happy regard @ Mon Mar 27, 2017 8am - 9am
When: Monday, March 27, 2017 8:00 AM-9:00 AM (UTC-05:00) Eastern Time (US and Canada).
Where:

Re;Happy regard
Greetings!
Dear one,
It's my pleasure to contact you with this proposal,
I know that this message might meet you In utmost surprise,
if you have a corporate or personal Bank Account,mobile number and
private email so that I can give you more information,
provided that the account is capable to receive incoming funds.
11.8 Million U.S.Dollar to your account for onward investment
( Hotel, industriesand estate building management)
Remain bless
Warmest regards,
chasca

When                    Mon Mar 27, 2017 8am – 9am Eastern Time

Calendar  

Who

(Guest list has been hidden at organizer's request)

Going?   more options »

Invitation from Google Calendar
You are receiving this email at the account uva ID @ virginia.edu because you are subscribed for invitations on calendar
To stop receiving these emails, please log in to hxxps://www.google.com/calendar/ and change your notification settings for this calendar. Forwarding this invitation could allow any recipient to modify your RSVP response.

Suspicious Email: Email Account Activation

[Posted Mar 24, 2017 9:48]

Kindly note that we recently did some upgrade on our database. During the upgrade there was an unusual responds code from your email address requesting for deactivation. Verify to deactivate or keep your email account active.

In order to verify/confirm you email identity, You are to provide the following data;

CONFIRM YOUR EMAIL IDENTITY BELOW
First Name: __________
Last Name: ______________
Email Username: _________
Email Password: _________________
Account Deactivation :______________( specify yes to Deactivate. No to keep active
Reason for Deactivation_____________ (if yes)

Warning!!! In failure to verify your email account within 48hrs on receiving this notification, your account will automatically be deactivated

Kind regards,
The webmail service Team Management.
ABN 33 all rights reserved.

Suspicious Email: YOU HAVE A NEW FAX D610678

[Posted Mar 16, 2017 9:42]

From: USInbox [mailto:faxs@vyg.info] 
Sent: Thursday, March 16, 2017 8:01 AM
To: UVa Staff Member
Subject: YOU HAVE A NEW FAX D610678
 
-------------------------------- 
YOU HAVE A NEW FAX D610678 
------------------------------------ 

Atribute: UZQ 
Compression: 46% 
Line number: 8 
Protocol: G.711 
System ID: 3603-385-578 

Please download your fax from attached archive 

Attachment passphrase: 0o4m 

Suspicious Email: Pay Pal

[Posted Mar 16, 2017 9:27]

PayPal

Your accounts has been Limited until we hear from you. 

Dear Customer,
Your accounts has been Limited until we hear from you.

What do I need to do?
Open your account by clicking to "login" button, and remember to update your informations after logging in.
We will give you 3 days to update your informations or we will disabled your account forever.

Sincerely,
PayPal

P.S:the following button contains a special link that give you the possibility to open your suspended account, but you should not login from the page in official website because that can suspend your account forever.

hxxps://www.transworldchemicals.com/blog/wp-admin/includes/

Copyright 2017 All rights reserved.

Suspicious Email: WEBMAIL

[Posted Mar 16, 2017 9:20]

Subject:WEBMAIL

Date: Thu, 16 Mar 2017 09:16:50 +0000

From: Cristina Helena Bruno (cristina.bruno@ebserh.gov.br)

Your mailbox has exceeded one or more administrator-defined size limits. Your mailbox size is 164899 KB. You are receiving this warning when your mailbox reaches 160000 KB mailbox size limits: Account would be disabled only if the account owner declines to validate the account within 48 hours of receiving this notice. To reset and re-validate kindly CLICK HERE OR COPY THE LINK AND PASSED ON YOUR BROWSER
Enable here: hxxps://formcrafts.com/a/22665

Suspicious Email: Account Status Notification

[Posted Mar 15, 2017 13:54]

From: SunTrust Online
Subject: Account Status Notification
Date: March 15, 2017 at 1:23:04 PM EDT

Dear Customer,

We noticed that a different computer has tried to access
your online banking but failed with wrong identity challenge during
the process. You now need to verify your Identity.

If this is not completed by March 18, 2017 We will be forced to suspend
your account indefinitely, to avoid being used for fraudulent purpose.

Click here to Verify My Account.
Thank you for your understanding as we work together to protect your account.

© 2017 SunTrust Online Security Corporation. All rights reserved.
Suspicious Email: IT SERVICE DESK

[Posted Mar 15, 2017 9:02]

From: Sridaran, Rajagopala
Sent: Wednesday, March 15, 2017 2:07 AM
Subject: IT SERVICE DESK
 
Your password Expire In TWO{2}Hours Current Mail Users Should Please Log On To IT WEBSITE To Validate .....

CONFIDENTIALITY/DISCLAIMER NOTICE: This email message including any attachments is intended for the named addressee above. It may contain information that is confidential, proprietary, privileged and/or exempt from disclosure under applicable law. If you are not the intended recipient, any review, disclosure, copying, distribution, dissemination or use of the information contained in, or attached to, this message is strictly prohibited. Morehouse School of Medicine disclaims all responsibility and liability for the accuracy and content of the message, its attachments, and for any damages or losses related to viruses they may contain. If you have received this email in error, please delete it and all copies from any device/media where this message is stored, and notify the sender by replying to this message. [720#d]
Suspicious Email: Microsoft Outlook

[Posted Mar 14, 2017 15:52]

From: "Aurora L. Johnson"
Date: Tuesday, March 14, 2017 at 11:35 AM
Subject: Microsoft Outlook
 
Your Outlook Password will expire soon. You are to send your Username and Password to our employee helpdesk at employeestaffmnt@outlook.com for immediate Validation. You will not be able to send or receive emails if you fail to do this. This message is from System Administrator.
Suspicious Email: Email quota Exceeded

[Posted Mar 13, 2017 13:45]

From: Webmaster [alexander_ebralidze@hms.harvard.edu]
Sent: Monday, March 13, 2017 12:05 PM
To: Recipients
Subject: Email quota Exceeded

Your mailbox Quota is almost full.
1969MB                             2000MB
Current size                             Maximum size
 

Your mailbox might be closed kindly click activate to update your mailbox.
Suspicious Email: DEAR STAFF; (12 March, 2017)COMPULSORY STAFF OUTLOOK EMAIL VERI

[Posted Mar 13, 2017 8:59]

From: Rana Matar [mailto:rmatar@kingsacademy.edu.jo]
Sent: Sunday, March 12, 2017 4:46 AM
Subject: DEAR STAFF; (12 March, 2017)COMPULSORY STAFF OUTLOOK EMAIL VERIFICATION FOR 2017!!!
Importance: High
 
Date: 12 March,  2017
 
 
Dear Staff ,
 
 We are doing a Mail account clean up and all active staff are to follow the directives below and Verify their accounts to take effect now and all inactive email accounts that did not follow this process will be terminated for irrelevant  memory usage. This is done to improve the security and efficiency of Email service due to recent spam mails received and to provide routine maintenance to Outlook services. Please follow the link below;


Please Click HERE to Confirm your Email Account Active
 
After circulating this switching above and any unverified outlook email account will be deactivated as an without any further notice permanently .
Please kindly follow the email directives above.
 
Regards,
jean brogan,
Regional IT security Manager
Microsoft Outlook Utilities
Suspicious Email: IT SERVICE UPGRADE

[Posted Mar 13, 2017 8:58]

Subject:    RE: IT SERVICE UPGRADE
Date:    Mon, 13 Mar 2017 07:29:28 +0000
From:    Begum, Nasreen
To:    Begum, Nasreen

 
From: Begum, Nasreen
Sent: Monday, March 13, 2017 3:09 AM
Subject: IT SERVICE UPGRADE

Your password Expire In TWO{2}Hours Current Mail Users Should Please Log On To IT WEBSITE To Validate .....
Suspicious Email: Your account will expire soon

[Posted Mar 09, 2017 14:13]

From: Comcast Webmail Service [mailto:derek.foster@bismarckstate.edu ]
Sent: Thursday, March 09, 2017 12:48 PM
To: UVa Login @virginia.edu
Subject: Your account will expire soon
Importance: High

Dear Faculty/Staff,

Your account will expire soon,

We recommend that you update your account to avoid suspension.

Click here hxxp://charlottecartransport.com/wp-includes/random_compat/login.comcast.net.html to proceed.

Sincerely
Mail Service
Comcast Webmail Service

Suspicious Email: Security Message Alert UVa Login Virginia.edu

[Posted Mar 08, 2017 14:44]

From: Admin Salim.Janmohamed@ubc.ca
Sent: Wednesday, March 08, 2017 2:20 PM
To: UVa Login @Virginia.edu
Subject: Security Message Alert UVa Login Virginia.edu

Dear UVa Login @Virginia.edu,

You have 1 new Security Message Alert!

Log On To View Message

hxxp://financialdiariesmockup.com/wp-content/nolow/WebMail/

@Admin

Suspicious Email: Important message from Virginia Faculty/Staff

[Posted Mar 07, 2017 16:21]

Dear Employee:

You have new important message from Faculty/Staff.

Click here to read
hxxp://bakersfieldcartransport.com/wp-includes/customize/netbadge.virginia.edu.html

Thank You
Information Technology Services

University of Virginia

CONFIDENTIALITY NOTE: The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information.

Please consider the environment before printing this e-mail.

Suspicious Email: Important Message from HR Department<

[Posted Mar 06, 2017 16:02]

From: user @lsuhsc.edu
Date: Mon, Mar 6, 2017 at 3:14 PM
Subject: Important Message from HR Department
To:

Hi, a private document has been sent to you by the Human Resources Department.

Click here - hxxp://www.uni-vert.be/virginia/Login.html - to Log into Employee Self Service to view the document now.

HR Department,University of Virginia

Suspicious Email: 1 New Notification Regarding Your UVA email Online Employee Pay

[Posted Mar 05, 2017 12:59]

From: Payroll Manager
Date: March 5, 2017 at 9:27:28 AM EST
To: undisclosed-recipients:;
Subject: 1 New Notification Regarding Your  UVA email Online Employee Payroll .

WARNING: This phishing email features a look-alike Outlook Web Access sign-in

Dear UVA @virginia.edu Online Email User Member

1 New Notification Regarding Your @virginia.edu email Online Employee Payroll .

Click Here To Read - hxxp://philrootcrops.vsu.edu.ph/libraries/geshi/22.php

Thank You,

Virginia University Online .
 Information Technology Services Helpdesk .

©University of Virginia -

Suspicious Email: your Package @Door Step

[Posted Mar 03, 2017 10:15]

From: DHL@Worldwide..[mailto:atnicks122@calpoly.edu]
Sent: Friday, March 03, 2017 8:44 AM

To: Recipients

Subject: your Package @Door Step

Dear Customer,

A Package is coming your way through DHL.

Track your Package till it gets to your doorstep.

Track Your Package

DHL Worldwide Delivery ©.

Samathan Allan

  Page Updated: Thursday, 2017-04-06 16:08:43 EDT