Microsoft Outlook Password Reset Scam (04/17/2014)

The following e-mail attempts to lure users into clicking on the linked site.  The site is a scraped version of a Microsoft Outlook Website requesting username and password information that is sent to attackers once submitted.

For more information on email and phishing scams, please contact the VCU helpIT center at 828-2227 or

From: Microsoft Outlook <>
Date: Thu, Apr 17, 2014 at 5:23 AM
Subject: Incident ID:WP-1893812258564

- Please reconfigure your Microsoft Outlook information again .
- Click on the link below to setup .<Redacted>EmailID=xzkmciqohcg&r=Pdxdugnluvrzufx


Microsoft Outlook 2014 .

Comments Off

Microsoft tech Support Phone scam (4/15/14)

The Microsoft tech support phone scam involves a scammer attempting to trick his / her victim into installing malicious software over the phone. The scammer will call the victim and pretend to be Microsoft (or Apple, or any other computer company). Once the victim picks up, the scammer will tell the victim that he or she is being hacked or are having issues with his or her computer. The scammer may then proceed to have the victim run a few general commands with fixed outputs and advise the victims that the outputs are abnormal. Finally, the scammer will attempt to convince the victims to download and execute a “patch” or any other type of “remediation software” on the victims’ computers. In reality, these software are actually malware or spyware, which will then provide the scammer with full access to the victims’ computer and data.

If you have received phone calls from individuals claiming to be  employees  or contractors of Microsoft, Google, Apple, or any other computer company, and they try to tell you that your computer is infected or are having issues, you should disconnect the call, as these are almost certainly scams. If any non-trusted person asks you to download anything from the Internet, you should refuse to do so, as the software could be malicious. For more information on scams, please contact the VCU helpIT center at 828-2227 or

You can find more information about these scams at:

Comments Off

Free money scam (4/15/14)

The following scam attempts to trick its victims into providing their personal information, and eventually trick the victims into supplying “transfer fees”, which the scammer will then steal from the victim. Note the phishy sender’s email address, grammatical errors, and the offer that is too good to be true; all of these are tell tale signs of a scam. Please delete this scam if you have received it. For more information on email and phishing scams, please contact the VCU helpIT center at 828-2227 or


From: Ms LERATO <>
Date: Tue, Apr 15, 2014 at 6:18 AM
Subject: From Ms Learto/open attchment.

<Attachment deleted>

=== Attachment Contents ===

My Dear,

i know it is not easy this days to believe people because of what is happening in the World today, I am

very happy to have your e-mail contact; My name is Mrs.Lerato Maibelo, I work in a government as a

top position here in South Africa I have the sum of U$11,000.00M that was deposited in a private bank

in London for onward investment; i am also assuring you that i will never let you down, you should also

never let me down when this money will come to your bank account.

Hope you did understood my business proposal clearly and the fund involve is US$11,000,000.00

respectively, I am responsible for awarding and executing of contracts in our department in the Ministry

of Foreign affairs. For this reason I am given you 100% assurance that this transaction will be successful,

the fund in question is not in my personal account but under the National Treasury department.

I need your personal details in order to set up the claim documents in your name as the right person

who executed the said contract to enable the ministry authorized their payment bank to release

theUS$11,000,000.00 under your name and I will compensate you with 50% of the total and 50% goes to

my account.

Thank and God bless you.

Mrs. Lerato Maibelo.


Comments Off

Virus Alert targeted scam (4/14/14)

The following phishing scam is designed to trick its victims into clicking on a malicious link, which will then steal the victims’ credentials. This is a more sophisticated scam, as the email is spoofed to look like it actually came from VCU. However, when the content of the message is observed, it is not difficult to see that there is generic language used, and a non-VCU link masked under “click here”, both of which are tell tale signs of a scam. Please keep in mind to hover your mouse over the link to see its true destination. If you have received this scam, please delete it. For more information on phishing and email scams, please contact the VCU helpIT center at 828-2227 or


From:        “Virginia Commonwealth University” <> — Spoofed Email
Date:        04/13/2014 04:46 PM
Subject:        WARNING! Virus Alert

Dear user,

Click to validate your account CLICK HERE (Malicious link removed) to eliminate the threat in your mailbox.

Thank you
HelpIT Center

Virginia Commonwealth University


Comments Off

Apple account scam (4/11/2014)

The following scam attempts to trick its victim into clicking on a malicious link, which will then download malware on to the victim’s computer or steal the victim’s login credentials. Note the sender’s address is not from Apple, and the link in the email does not go to, both of these facts are signs of a phishing scam. If you have received this email, please delete it. Keep in mind that before clicking on any link, hover your mouse over it to see its true destination. For more information on phishing and email scams, please contact the VCU helpIT center at 828-2227 or


From: <>
Date: Thu, Apr 10, 2014 at 8:37 PM
Subject: Your account Apple© is not enabled, Confirmation of your identity !

Dear Customer,                                                               
Your iTunes Connect has been used to open a session iCloud from an unauthorized computer.
Your iTunes account is now locked, please access your account to check yourinformation.Check Now (Malicious link removed)
Comments Off

Apple purchase scam (4/7/14)

The following scam is well crafted and is designed to trick a victim into clicking on a malicious link, which will subsequently compromise the user’s account. Note the non-Apple sender’s email and the non-Apple link that is masked under the apparent link. Remember, before clicking on any links, you should always hover your mouse over the link to see its true destination. If you have received this scam, please delete it. For more information on phishing and email scams, please contact the VCU helpIT center at 828-2227 or


From: Apple <>
Sent: Mon, Apr 7, 2014 1:07 pm
Subject: Your Purchase from iTunes Shop!

Dear Customer,

Your Apple ID, was just used to purchase “Somewhere Over the Rainbow / What a Wonderful World” by Israel Kamakawiwo’ole from the iTunes Store on a computer or device that had not previously been associated with that Apple ID.

If you made this purchase, you can disregard this email. It was only sent to alert you in case you did not make the purchase yourself.

If you did not make this purchase, we recommend that you go to to cancel the transaction, Confirm that you’re the owner of the account and then follow the instructions.


Comments Off

Webmail Maintenance Scam (4/7/2014)

The following email attempts to have you provide information through the link (which has been redacted). Note the sense of urgency, threat of email suspension, and generality when speaking.

From: Admin <>
Date: Mon, Apr 7, 2014 at 3:26 AM
Subject: Upgrade Email

This is a general maintenance for your webmail have been reported for receiving spam messages and the space limit needs to be increased an extra 10 GB as placed by the Admin.

To Upgrade Email Click Here

Failure to comply will result to permanent termination of Email

Thank you

Webmail Admin.

Comments Off

Blackboard phishing scam (4/5/2014)

The following scam attempts to trick its victims into clicking on a malicious link, which will subsequently attempt to steal the victims’ credentials. Note the non-Blackboard link when you hover your mouse over the masked link. Before clicking on links, you should always hover your mouse over them to see their true destination. If you have received this scam, please delete it. For more information on phishing and email scams, please contact the VCU helpIT center at 828-2227 or


From: “Blackboard Articles” <> (Spoofed email address)
Date: Apr 5, 2014 3:40 PM
Subject: Blackboard Notification – New Article


Your school has uploaded an article with your information tagged in the content.

Please sign in immediately to review your information.

Click here to sign in and review the article now (Masked malicious link redacted)

Comment/Notifications of articles that are published will be delivered to you.

Black board Articles.

Comments Off

Webmail Congestion Phishing (4/3/2014)

The latest phishing email that is making its rounds through the VCU email systems. Notice the generic greeting and unfamiliarity with the recipient as well as the sense of urgency. Please note that has already removed the page linked in “Verify Email” as it violated the Terms of Service for that site.

From: “EMAIL SUPPORT@emailverificationcom” <>
Date: April 2, 2014 at 4:41:46 PM EDT
To: “” <>
Subject: Email Verification [Action Required]


Dear Email Holder,
Due to the congestion on our webmail server, we will be shutting down all unverified email accounts. To avoid this situation, you will have verify your




No further action is required as soon as you have completed the simple verification process. It is however necessary that you repeat this process for all other email address(es) you or your organisation own.

If this message was found in your spam/junk folder, please move to inbox.

Thank you.
Email Support Team.

Comments Off

Google Plus 2014 Scam (3/26/2014)

A variation of an earlier Google scam:

From: Google Inc. <>
Date:  03/26/2014 01:22 PM
Subject: Notification


Dear Google User,

Congratulations for emerging as one of our winners, see attached document
for details.

User Name Redacted
P.R.O Google

This email is free from viruses and malware because avast! Antivirus protection is active.


The following portion is sent as an attachment:

Dear Esteemed User.


On behalf of Google Inc. we want to wish you a happy new year and a prosperous 2014,Google is delighted to put a smile on the faces of our numerous customers, hence the Google Plus 2014 Promotion was conducted and this is first of it’s kind and this is  part of our Social Responsibility to our Customers and users of our ancillary services, we found it imperative to give back to our customers across the globe, and to plead for your continuous loyalty to the Google Brand.


In view of this we decided to organize the Google Plus 2014 Promotion and the sole reason for this is to reward our numerous users/customers/clients who in one way or the other who have contributed to our great success and achievement and had dealings with Google Services, Search Engine, Gmail, YouTube, Translator, Google Map, Google Earth, Ad Sense  and also to propagate the use of Google+ and the acceptance of the Google Android Applications and Google Play.


We  decided to come up with this promotion to show our appreciation and also pray your continual usage of our services. In view of this the GOOGLE PLUS 2014 PROMOTION was organized which is first of its kind to encourage our users and also introduce our latest Google Tablet (Google Nexus 10), we uphold the interest of our users and customers and are always committed to give them the best.


We are pleased to congratulate you for emerging as one of our lucky winners in the ongoing GOOGLE PLUS 2014 PROMOTION for your continual usage of our services, hence you are among one of the winners in the Batch A listing. As we believe that with your prize, you will continue to be active in your patronage and loyalty to Google as a total of 10 Winners emerged worldwide, drawn from different continents of the world. Your eligibility for this reward was due to the fact that you have used the Google services at one time or the other within the last 10 Years.


A Bank Cheque have been issued in your favor, hence you have won for yourself the sum of £550.000.00 (Five Hundred and Fifty Thousand Great British Pounds Sterling), One Google Nexus 10 Tablet and also you have been enlisted as One of the Google Ambassadors for 2014.


We are aware of the continual rampant abuse of Google as a company and other multi-national companies  and we are assuring all our users/clients and Winners that we are working on this, as Google does not run a lottery.Hence all information with regards the Promotion will be treated with utmost confidentiality.

You will be requred to contact our Reward  Co-Ordinator Dr. Michael Christopher by neatly filling the verification and funds release requirement  below, as your payment will be released and arranged by our United Kingdom Office;




First Name:

Last Name:

Residential Address:

Telephone/ Mobile:


Date Of Birth (dd/mm/yy):



Alternate Email(Optional):


To File For Your Claim, Please Contact Our,REWARD  CO-ORDINATOR

Dr. Mxxxxx Cxxxxx (Name Redacted


Telephone : +44-740-405-xxxx


Note: You can either fill your claims verification form by printing and manually filling out the requested details or you can fill directly on e-mail, or provide the details on Microsoft Word.



Congratulations from the Staff & Members of Google Incorporated.



Dr. Lxxxxx Pxxxxxx (User Name Redacted)

Chairman of the Board and Chief Executive Officer,

Google Inc.

Corporate Headquarters,

1600 Amphitheatre Parkway, Mountain View,

California, 94043, United States of America

Comments Off