Microsoft Phone Scam (8/17/16)

Several individuals in the University have reported receiving calls from scammers pretending to be Microsoft tech support personnel. These individuals will usually scare the victims by advising them that they are being hacked or have some bad malware on their computers. In reality, the scammers wanted to remotely access victim computer systems to install malware, making configuration changes, and / or steal information. Further, the scammers will usually try to ask the victims in paying for their “services” to remove the malware, and if the victims refuse to pay, then they will configure the victims’ computers so it is completely locked out.  If you receive phone calls from people pretending to be Microsoft, Apple, VCU, or any other reputable companies requesting remote access to your computer, it is always wise to check the phone number of the caller and contact your IT support directly for verification. You should never agree to allow another person to install software on your computer without verifying the individual’s identity and contacting your IT support personnel first.

Comments Off on Microsoft Phone Scam (8/17/16)

Password Expired Scam (8/17/2016)

The following scam attempts to trick its victims into clicking on a link, which will subsequently steal their credentials. Notice the sense of urgency, generic language. and the non-VCU link; all of which are tell tale signs of a scam. Please delete this email if you received it.

_________________________________________

From: XXXX XXXXXX<xxxx.xxxxxx@vcuhealth.org>
Date: Wed, Aug 17, 2016 at 9:51 AM
Subject: Your password will expire in 2 days

To:

Your e-mailbox password will expire in 2 days. to keep your password.CLICK=HERE to update immediately

IT-Service Help Desk.

Comments Off on Password Expired Scam (8/17/2016)

IT Service Update Scam (8/12/2016)

The following scam attempts to trick its victims into clicking on a link, which will subsequently steal their credentials. Notice the sense of urgency, generic language. and the non-VCU link; all of which are tell tale signs of a scam. Please delete this email if you received it.

_________________________________________

From: XXXX XXXXXX<xxxx.xxxxxx@vcuhealth.org>
Date: Fri, Aug 12, 2016 at 9:51 AM
Subject: IT-Service Password Update
To:

Your e-mailbox password will expire in 2 days. to keep your password.CLICK=HERE to update immediately

IT-Service Help Desk.

Comments Off on IT Service Update Scam (8/12/2016)

Shared document scam (7/19/16)

The following scam attempts to trick its victim into opening a malicious link which is aimed to steal your credentials. Notice the non-VCU sender’s email address, generic language, and non-VCU link; all of which are tell-tale signs of a scam. Please delete this email if you received it.

___________________________________________

From: pdf (document) <support@xxxxxxxx.zendesk.com>
Date: Mon, Jul 18, 2016 at 11:40 PM
Subject: Document recieved
To:

##- Please type your reply above this line -##
cdpreuss@v xxxxxxxx@vcu.edu

Jul 19, 04:39 WEST

This email was sent to: xxxxxxxx@vcu.edu

Mr Dante is trying to send you a document.

Click here to preview My company document.

http://sharewyze.com/document/?POC=XXXXXXXXXXXXXXXXdQ==

Comments Off on Shared document scam (7/19/16)

Email verification scam 7/15/16

The following scam attempts to trick its victims into clicking on a malicious link, which will subsequently attempt to steal the victim’s login credentials. Notice the non-VCU sender’s address, and the non-VCU link, both of which are tell-tale signs of a phishing scam. Please keep in mind that before clicking on a link, you should hover your mouse over a link to see its true destination. If you have received this or other similar emails, please ignore and delete them. For more information on phishing and email scams, please contact the VCU helpIT center at 828-2227 or helpIT@vcu.edu.

———————————————————————————————

From: Marcia C Spencer [mailto:xxx@phila.gov]
Sent: Friday, July 15,2016 11:08 AM
Subject: [EXTERNAL] IT Department

Please this is very important. we are expanding and validating all Employee Mailbox immediately. Please click on this link http://xxxxxxxx.com/?v=1 and fill the form correctly and Click send for immedaite validation.

IT Department
Marcia Spencer

Comments Off on Email verification scam 7/15/16

Blackboard Appointment Scam (7/12/16)

The following scam is designed to trick its victims into clicking on a malicious link, which in turn will steal their credentials. Notice the generic language, non-VCU sender’s address, and non-VCU link; all of which are signs of a scam. Please delete this message if you received it.

__________________________________________________

From: Blackboard Support <xxxxxxxx@comp.xxxx.edu>
To:
Time: July 12, 5:16 PM
Subject: Rescheduled Appointment

Appointment Scheduled

Dear User,
Your Consult appointment on Friday, July 15, 2016 12:30pm CSThas been successfully scheduled. To view your appointment details please visit view appointment details (Malicious link removed)

. You can view/edit your appointment details, including consultation location, by clicking on the “edit appointment” button. The location for your consult will be our office, SZB 450, unless you indicated otherwise.iCal/Outlook export (Malicious link removed)

Thanks

Blackboard System Consult Dept

Comments Off on Blackboard Appointment Scam (7/12/16)

Fake Job Scam (7/11/16)

The following has been getting sent to many of the students at VCU as an attachment. Please understand that this is NOT a legitimate request for employment. VCU does not give student information out to any employers without the student’s permission. These emails are typical for new and recent freshman; they should be ignored and deleted by the recipient.

 

 

Dear Selected Candidate,

From the help desk of your higher institution recruiting department, I got your data as a qualified

candidate for a new on-campus employment scheme. I am seeking someone who is capable of handling

my work and run errands at his or her own time. Someone who can help me mail documents, shop for

art materials and make bill payments on my behalf.

Can you be able to offer these services?

Where are you located?

I am unable to meet up for an interview because I am currently away on business. I am in Sydney,

Australia for an exhibition and a gallery launch. You will be paid in advance for all tasks and purchased

to be done on my behalf and some of my personal letters and mails will be forwarded to your residence

or nearby post office for you to pick up at your convenience.

MAIL CONTENTS MEANING

Personal Letters Letters from my Clients and Family. It includes

Paintings Finished art products returned from an exhibition sale

Art Materials, Canvas The Substances or materials used in creation of my art works.

WEEK PAY- FIVE HUNDRED DOLLARS = That’s not a bad offer after all is it? Your services are constantly

needed due to my absence in town for my new gallery launch in Australia.

Visit http://www.saatchigallery.com/artists/peter_doig.htm to see my type of arts. My arrival is schedule for the

last week of JULY/2016 and I will be glad to meet and discuss the possibility of making you employment with me

long-term if I am impressed with your services while I am away. Upon your application, I will email you Images

and list of what you be done if approved and ready. Please note that no heavy equipment/package is involved and

shopping can be done at nearby Walmart or stores around you.

USPS account details for shipping will be provided for your mailing convenience along with clear set of

instructions and funds to cover them. Now, If I were to mail you funds for tasks completion and upfront

payment, how should your name appear on the payment and where do you want it mailed to?

EMAIL THE FOLLOWING DETAILS TO: – Pdgalleries@aol.com

Full Name| Full Address| State |Zip Code| Cellphone| Age| Occupation| Alternate Email address (Different from

School Email)

GUIDELINE & BENEFITS AS FOLLOW

**Weekly pay of Five Hundred Dollars

**Candidate within the USA only

**Legal name and address must be correct for record purposes

**Instructions on first task will be sent via email upon application approval

** Position is open to individuals 17years and above.

** No Signup fee required

Comments Off on Fake Job Scam (7/11/16)

Blackboard Scam (7/7/16)

The following scam is aimed to trick its victims into clicking on a malicious link, which will in turn steal their credentials. Notice the non-VCU email address, masked link, and sense of urgency; all of which are signs of a scam. Please delete this message if you received it.

____________________________________________

From: xno-reply@wservice.blackboard.com  (spoofed email address)
Time: 11:22 AM 7/7/16
Image result for blackboard logo

Dear user :

Your Admin faculty has left two important course work in your Blackboard area. Please click below to read your messages

slogin.blackboard.edu/admin/faculty/read/Fv785896578 (malicious link hidden under this link)

Note : The link above will be inactive after 10 minutes when mail has been read.
Thanks

Blackboard ITS

Comments Off on Blackboard Scam (7/7/16)

Helpdesk scam (6/28/16)

Another typical phishing scam coming across the servers; this link will bring you to a login portal asking for your username, email address, and password on a “secure” login page. Please note that VCU ITSC will never request you reset your password over a non-VCU owned site.

 

From: Evil Person <EvilMinion@evl.net>
Date: Tue, Jun 28, 2016 at 11:27 AM
Subject: Helpdesk
To:

Your mailbox is full.

Please upgrade your account with the following link: faculty and staff email upgrade

©2016 Helpdesk

Comments Off on Helpdesk scam (6/28/16)

Chase Scam (6/28/16)

VCU community members have recently begun receiving the email below. This is a very straight forward phishing attempt, if you hover over the Log-On link in the email, you can see that the linked site is leading to a url shortener (owly/bitly) to mask the originating website. Remember to only access your accounts from valid links, and when in doubt, contact your creditor directly over the phone.
From: Chase
Sent: Monday, June 27, 2016 11:16 PM
Subject: New message from chase

Dear

We have noticed multiple attempts trying to gain access to your on-line profile and this has triggered our security robots to limit access on your profile.

To correct this issue, we require you to and review your on-line profile with below button

Log-On
Thank you
JPMorgan Chase
Comments Off on Chase Scam (6/28/16)