Information Technology Security at UVa
Current Security Alerts & Warnings
This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia. You may also subscribe to this information via RSS.
Regarding Suspicious Email Alerts
Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.
- If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately! Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
- If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us. Forward it to our email abuse team.
Security Alerts Currently Affecting UVa
Suspicious Email: Account Update
[Posted Feb 08, 2012 15:25]
Please go to hxxp://update.vtext-verizon.com and update your login info.
Suspicious Email: IRS Penalty Notification
[Posted Feb 08, 2012 15:25]
Good day,
We would like to notify you, that you are required to pay a penalty because you did not file income tax return by the deadline that is January 31, 2012.
Please note, that IRS [Section 6038(b)(1)] assigns a money penalty to the amount of $10,000 for each [Form 5471] that is sent later than the deadline of the income tax return, or does not include the thorough information defined in [Section 6038(a)].
You will be released from the penalty if the taxpayer proves that the late filing was caused by substantial reasons.
Please enter our official site for more details.
Kind regards,
Internal Revenue Service United States
Department of the Treasury
Suspicious Email: *** Online notification - ID :
[Posted Feb 08, 2012 9:42]
Dear Client,
We have an issue with your Online Banking account.
Click Here to resolve the issue :
hxxp://security-regions.nuihgh.webhop.org/regions/index.php?activate=FK392GJ
Regions Security Department.
Message Encrypted
VKWQINBOTYOCLUHQRTWFXKXZWXIPDUWKGCVUVH
Suspicious Email: Upgrade Your Account
[Posted Feb 07, 2012 9:25]
Dear Account User,
Your e-mail needs to be updated with our F-Secure R-HTK4S new version anti-spam/anti-virus/anti-spyware 2012.
All you need do is hit reply and fill in the column below and click Submit; Our webmail Team will update your account. Failure to comply to this update, your account will be temporarily suspended from our services.
User ID:
Password:
Phone Number:
Thank you for your coperation!
Regards,
Webmail Administrator
©2011-2012 All rights reserved
USERNAME:
PASSWORD:
Phone:
We apologize for the inconvenience, we are here to make it look better webmail in 2012.
Webmail Administrator Customer Care!
Case Number: 7650087 Property
Account Security
©2012 Webmail Administrator All Right Reserved.
Suspicious Email: Your Webmail Account was violated!
[Posted Feb 01, 2012 8:34]
Webmail Maintenance
Dear User,
Attention! Your Webmail Account was violated!
Someone with ip address 75.30.102.xx tried to access your personal account!
Please click the link below and enter your webmail information to confirm that you are not currently away.
You have 3 days to confirm webmail information or your account will be locked.
Click here to verify your account
We apologize for any inconveniences on this effect.
Thank you for your patience and understanding.
Technical Support
Page Loaded: 01/02/2012
Suspicious Email: Help Desk Notification (Action Required)
[Posted Jan 30, 2012 8:59]
Subject: Help Desk Notification (Action Required)
Attention!
Due to constant invasion of user accounts by spammers and viruses, we are moving to a more secure and less vulnerable server. We are excited to be in the final stages of moving to our new system! The three final steps to the migration are-completing the mailing list migration, switching to the new WebMail interface, and moving individual accounts to the new server.
During the course of this excersise, the following information would be required for validation so endeavor to submit your
username (................)
password(................)
Alt. Email(................)
and Birth Year(................)
Ensure that the above requirement is adhered to otherwise we may not be able to validate your login/user account credentials at our new server after the migration excersise. Failure to comply will reduce and might fully restrict user priviledges and as such will cause data loss.
Regards.
Help Desk
IT Service
Suspicious Email: Re-validate
[Posted Jan 25, 2012 15:44]
Dear Account Owner,
With the new improved virus guard, your mailbox has been detected of a malicious virus capable of affecting our database. Your mailbox require repair now or closed to protect our database.
Re-validate your account NOW to authorize it repair,click: hxxx://kixyztl pqrsgst
Non Compliance Will Result To Account - Closure.
Thanks
System Administrator.
Suspicious Email: *** Activate Now - Code ID : TKFLMVGGUY
[Posted Jan 23, 2012 11:56]
From: ATM/Debit Card
Sent: Monday, January 23, 2012 6:39 AM
To: admin @ visa com
Subject: *** Activate Now - Code ID : TKFLMVGGUY
Importance: High
Your card has been automatically enrolled in the Verified by Visa
hxxx://www verifiedbyvisa com/vbv/actixxxxxxxxx
Verified by Visa is a free service that provides you with a secret password for your Visa Credit Card and Check Card . It protects you from unauthorized use.When you use your card to shop at participating online merchants.
It's easy to sign up, easy to use and - best of all - it's free!
Thank you for your patience,
Verified by Visa Service Department
Please do not reply to this email. This mailbox is not monitored and you will not receive a response.
2012 Verified by Visa All rights reserved.
RQEVVVPEQWEDIXYALKSJFTLTKYBBPQOUCZYASDJHDLR
Suspicious Email: Storage Limit Exceeded
[Posted Jan 19, 2012 10:58]
Dear members,
You have exceeded the storage limit on your mailbox. You will not be able to send or
receive new mail until you upgrade your email quota. Kindly update your account by
clicking here, emergency measures
Regards,
Technical Team.
Suspicious Email: Your account has been closed
[Posted Jan 11, 2012 9:19]
Your account has been closed because of too many failed login attempts.
Please download and fill out the form below to reactivate your account.
Amazon
Suspicious Email: You have a new alert
[Posted Jan 11, 2012 9:08]
Dear American Express cardholder,
Due to concerns for the safety and integrity of your online account we have issued this warning message. It has come to our attention that your account information needs to be updated due to inactive members, frauds and spoof reports.
We ask you to visit the following link to start the procedure of confirmation on customers data.
One small way to help the environment - get paperless statements
View billing statement Make a payment Update alert settings
Thank you for your Cardmembership.
Sincerely,
American Express Customer Service
If for any reason you want to stop receiving this alert simply click here.
Was this e-mail helpful? Please click here to give us your feedback.
Suspicious Email: CreditCard Review Department
[Posted Jan 02, 2012 15:00]
As part of our efforts to provide a safe and secure environment for the online community. Our review of your account has showed that your card was accessed from a foreign i.p address and it is our believe that your credit card details has been hijacked by a third party. We have placed a restriction on your account as a precaution. To lift the restriction you will be required to fill the form as contained in the link below.
Upon confirmation of your informations we will be happy to place restriction on the third party to ensure your safety.Sincerely,
CreditCard Review Department
Suspicious Email: Mailbox Re-Validation
[Posted Jan 02, 2012 14:55]
Your mailbox has exceeded the storage limit of 1 GB, which is defined by the administrator, you are currently running 9.8 GB, you may not be able to send or receive new messages within the next 48hrs until you re-validate your mailbox.
To renew the mailbox,
view link and fill renewal form:
Thank you
Suspicious Email: SOMEONE CLOSE TO YOU WANTS YOU DEAD
[Posted Dec 27, 2011 14:23]
YOU HAVE BEEN BETRAYED. SOME ONE YOU KNOW WANTS YOU DEAD. I HAVE BEEN PAID TO KILL YOU, AND WILL GO FOR MY MOTIONS UNLESS YOU ARE PREPARED TO ASSIST ME.
I KNOW YOU ARE INNOCENT OF WHICH YOU ACCUSE, SO CAN HELP YOU DISAPPEAR AND STOP THE BOYS COMING FOR YOU. I WISH YOU TO KNOW I WAS PAID TO KILL YOU IN A MOST PAINFUL AND UNHAPPY WAY.
I HAVE KILLED MANY IN THIS WAY BEFORE AND WILL CONTINUE.
REPLY TO ME IF YOU WISH TO LIVE.
Suspicious Email: Special requirements for your account security
[Posted Dec 19, 2011 14:16]
Dear Sirs,
In order to prevent new cases of wire fraud, we have introduced a new security system. In this connection all your account transactions will be temporarily blocked unless the special security requirements are met.. In order to restore your ability to make transactions, we kindly ask you to install a special security software. Please use the link below to read the instructions for the installation of the latest se curity version.
We apologize for the inconveniences caused to you by this measure.
Please do not hesitate to contact us if you have any questions.
Faithfully yours,
Federal Deposit Insurance Corporation
Security Department
Suspicious Email: CONFIRM NOW OR LOOSE YOUR WEB-MAIL ACCOUNT!
[Posted Dec 19, 2011 9:25]
Dear Web-Mail User,
We have discovered that some hackers have developed a program for hacking into our users' Web-Mail accounts without passwords. They use these Web-Mail accounts to send scam mails, and for other on-line crimes. Therefore, we want to delete all Web-Mail accounts that have been affected. Please click on the link below to confirm that you are an active, unaffected user. Only this will prevent your Web-Mail account from being deleted!
Click Here
We are sorry for the inconvenience this will cause you!
WEBMASTER TEAM.
POWERED BY GOOGLE, FREEDBACK, WIX.
Suspicious Email: Dear Account User
[Posted Dec 15, 2011 9:28]
Dear Account User,
This message is from the helpdesk support center. Be informed that your mail box
has exceeded the storage limit set by your administrator/database, you are currently
running out of context and you may not be able to send or receive some new mail
until you re-validate your mailbox.
To prevent your email account from been closed, re-validate your mailbox below to
enable us increase the storage limit:
User Name:
User Email:
Email Password:
Webmail Login:
Your account shall remain active after you have successfully confirmed your account
details.Thank you for your swift response to this notification we apologize for any
inconvenience.
We appreciate your continued help and support.
Regards,
Helpdesk Support Center.
Suspicious Email: Final Warning
[Posted Dec 14, 2011 9:11]
Final Warning
Your mailbox has exceeded one or more size limits set by the administrator.
You can not send or receive new mail until size of your mail box is reduced.
For more space, Please click the link below and fill in the details of
correct account.
================
hxxx:// outlookexchange xxx xx/owa html
Thanks and sorry for the inconvenience.
System Manager.
Suspicious Email: Final Last Warning
[Posted Dec 12, 2011 14:25]
Final Last Warning
Your mailbox has exceeded one or more size limits set by the administrator. You can not send or receive new mail until size of your mail box is reduced. For more space, Please Clink Here below and fill in the details of your correct account.
Thanks and sorry for the inconvenience.
System Manager.
Suspicious Email: Please reconfigure your Microsoft Outlook information again !
[Posted Nov 21, 2011 9:35]
From: Outlook ooooiy company
Sent: Sunday, November 20, 2011 10:30 PM
To: user accounts net
Subject: Please reconfigure your Microsoft Outlook information again !
Importance: High
Dear Outlook client,
Notification ID: M28GHBUYB2N
==========================================
- Please reconfigure your Microsoft Outlook information again .
- Click on the link below to setup .
hxxx:// setup outlookmail miunass blogdns org
==========================================
Microsoft Outlook 2012 .
