Compliance Advisement scam (11/21/17)

The following scam attempts to trick its victims into clicking on a malicious link, which will subsequently steal login information from the victims. Notice the non-VCU / non-VCUHS sender’s email, the sense of urgency, and the generic language; All of these are signs of a scam. Please delete this message if you received it.
——————————————————————————-

From: Thomas Elmes <Thomas.Elmes@fai.ie>
Sent: Tuesday, November 21, 2017 09:43 AM
Subject: [EXTERNAL] RE: Information Technology Security!!!

Information Technology Security & Compliance Advisement
If you are receiving this please note that your mailbox needs to be re-validated today November 2017.

What You Need To Do?
1) Click RE-VALIDATE Now
2) DELETE all hidden attachment.
3) If you open the link, fill correctly in other to allow Service Desk Scan your computer.

Please do not reply to this email. This mailbox is not monitored, and you will not receive a response.

Thank you,

Information Technology

Leave a Comment

Package? (11/14/17)

The following scam attempts to trick its victims into clicking on a malicious link, which will subsequently steal login information from the victims. Notice the non-VCU / non-VCUHS sender’s email, the sense of urgency, and the generic language; All of these are signs of a scam. Please delete this message if you received it.

 

———- Forwarded message ———-
From: <Amanda@businessdesc.info>
Date: Tue, Nov 14, 2017 at 8:46 AM
Subject: package?
To: victim@vcu.edu

Hi,

A package was delivered to us by mistake…..I think

I opened the box and noted that your email was on the invoice…coming up to summer I thought it might be personal or work related.

We are just down the road by the Mcdonalds. I can drop it by if you will be in this afternoon?

I took a picture of the invoice, I can’t make out the name but you can clearly see your email address

Click here

Comments Off on Package? (11/14/17)

Money transfer scam (10/24/17)

The following scam attempts to trick its recipient into wiring money to the scammer. The scammer in this case pretends to be the supervisor or a senior staff in a department, and attempts in tricking the fiscal services staff into making a financial transfer. If you receive emails asking you to make a fund transfer from what appears to be a supervisor or senior staff, it is always a good idea to confirm with the person either in person or through phone before taking any actions.

_______________________________________

From: Wixxxxxx xxxxxxx<mxxxxxxx@vcu.edu>
Date: Tue, Oct 24, 2017 at 9:19 AM
Subject: AVAILABLE?
To: Cxxxxx@vcu.edu

Hi Cxxxxx,

I need you to initiate a payment of $3,250 to a vendor today. Please Let me know if you are available so i can send you the beneficiary details.

Thanks,

Wixxxxxx xxxxxx

Comments Off on Money transfer scam (10/24/17)

IT DESK scam (10/23/17)

The following scam attempts to trick its victims into clicking on a malicious link, which will subsequently steal login information from the victims. Notice the non-VCU / non-VCUHS sender’s email, the sense of urgency, and the generic language; All of these are signs of a scam. Please delete this message if you received it.

____________________________________

From: Amy Hxxxxxxxxn <axxxxxxx@cxxxxxranch.com>
Date: Monday, October 23, 2017 at 3:14 PM
To: “info@jdhjsjsks.com” <info@jdhjsjsks.com>
Subject: [EXTERNAL] Re: IT DESK (Urgent)

 

We are updating all emails and migrating to our new server, IT DESK requires that you perform an upgrade migration by clicking on the update migration below:

 

Update Migration (Malicious link removed)

 

You will not be able to send or receive emails and data would be lost if you do not migrate above. We are sorry about the inconvenience caused and our it help desk is continuously updating systems.

 

Amy Hxxxxxxxxn
Registered Nurse | Health & Healing

Cxxxxxx Ranch Txxxxxxx
axxxxxxx@cxxxxxranch.com

Comments Off on IT DESK scam (10/23/17)

President of VCU Phishing attempt (10/23/17)

Below is a phishing attempt to get the user to open a malicious PDF.  Notice the unknown sender’s email address, generic language, and non-VCU or VCUHS link; all of these are signs of a scam.
_________
From: Karen Deveney <deXXXXXXX[@]ohsu[.]edu>
Date: Mon, Oct 23, 2017 at 10:59 AM
Subject: FW:[ATTENTION REQUIRED] Virginia Commonwealth University Employee Organizational Internal Communications
To: VICTIM@vcu.edu
Image result for vcu.edu
FROM THE OFFICE OF THE PRESIDENT

Dear Colleagues,

Integrity has long been a hallmark of our success. It characterizes everything we do. In fact, when we talk about the core values of our company, we start with integrity. Integrity means being straight forward, honest, and transparent in our professional and business relationships. This means doing what we say and saying what we do.

Each of us makes a wide range of business and ethical decisions every day in the execution of our responsibilities on behalf of VCU. We are fully committed to ensuring that such decisions comply with the letter and spirit of the law and are ethically above reproach.

This Code of Ethics and Business Conduct is a guide to making the best possible decision in situations affecting your fellow employees or our shareholders, customers, and partners, as well as the communities in which we live and work. In simple terms, our Code contains the guidelines we must all follow to do business the only way we should: the right way.

NOTE: It is fundamentally Urgent that all staffs read attached.

Michael Rao, Ph.D.
President, VCU and VCU Health System
Virginia Commonwealth University
Image result for vcu.edu
910 West Franklin Street
Box 842512 l Richmond l Virginia l 23284-2512

NOTE:  The attached file is in an Acrobat Reader PDF document.  If you cannot read this document, please download the FREE Acrobat Reader at http://www.adobe.com/acrobat
Comments Off on President of VCU Phishing attempt (10/23/17)

Bounced Inbox Message Scam (10/17/17)

The following scam attempts to trick its victims into clicking on a link, which will subsequently attempt to steal information from the victim. Notice the unknown sender’s email address, generic language, and non-VCU or VCUHS link; all of these are signs of a scam. Please delete this message if you received it.

__________________________________________

From: conqrent@sh6.hosty.nl [mailto:conqrent@sh6.hosty.nl]On Behalf Of Bounced Inbox Messages
Sent: Monday, October 16, 2017 6:41 PM
To: xxxxxxxxx <xxxxxxxxxx@vcuhealth.org>
Subject: [EXTERNAL] Message Delivery : You Have 34 Unprocessed/Pending Messages to be Delivered

 

Dear xxxxxxx@mcvh-vcu.edu ,

This message is to inform you about your Pending messages, that have bounced back
which are listed below on your Pending Folder enlisted are actions that can be taken:

 

  1. Action Select toRestore pending messages (Malicious link redacted)
    II. Action Select to Forward a copy of the message (Malicious link redacted) to IT Administrators for analysis.

 

 

Note : Messages will be lost and damaged if the above actions are not performed

Office Mail Delivery Notice

Comments Off on Bounced Inbox Message Scam (10/17/17)

Facebook Login Attempt Scam (10/17/17)

The following scam attempts to trick its recipients into clicking on a link, and will subsequently steal their user credentials. Notice the vague wording of the email, them email address from someone you dont know, and sense of urgency, all of which are signs of a scam

_______

From: <D.Tracey@positivecoupon.com>
Date: Tue, Oct 17, 2017 at 8:50 AM
Subject: Did you attempt to log into my facebook by accident?
To: victim@vcu.edu


Was this you …..?

We have detected an unauthorized login attempt. 10 or more incorrect passwords in a row were attempted. Please log int to veify any changes.

Comments Off on Facebook Login Attempt Scam (10/17/17)

Bank account scam (10/16/17)

The following scam attempts to trick its victims into clicking on a link which subsequently is designed to steal information from the victim. Notice the non Charles Schwab sender’s email address, generic language, and the non Charles Schwab website; all of these are tell-tale signs of a scam. Please delete this message if you received it.

___________________________________________

From: SCHWAB ITSupport [mailto:reidar.xxxxxx@bredband.net]
Sent: Monday, October 16, 2017 8:47 AM
To: ALERTS1@SCHWAB.COM
Cc: ALERTS1@SCHWAB.COM
Subject: [EXTERNAL] Account

 

 

We are currently updating and verifying all active SCHWAB accounts. Click here (Malicious link redacted) to perform the SCHWAB Account maintenance to allow pending e-payments.

Comments Off on Bank account scam (10/16/17)

Payment notice scam (10/12/17)

The following scam attempts to trick its victims into clicking on a link. Once the person clicks on the link, the malicious website will attempt to steal the individual’s banking credentials. Notice the non-Chase bank sender’s email address and the obscured link; both are tell tale signs of a scam. Please delete this email if you received it.

____________________________________________

From: Susie Owens [mailto:susie.xxxxxx@hotmail.com]
Sent: Thursday, October 12, 2017 10:38 AM
To:
Subject: [EXTERNAL] Your new Chase payment notice

 

Hello John XXXXXX,

You sent an instant payment of $2262.84 to Stone, Cheryl L.
Allow up to 10 minutes for a transaction to appear on you account.

See your transaction details below. (Malicious link removed)

Chase. Forward Thinking

Warm Regards,
Michael Jones

Please do not reply directly to this email box. This email address is for sending purposes only and you will not get a response.

Comments Off on Payment notice scam (10/12/17)

W2 Scam (10/12/17)

From: <Richard@bxxxxxxxxsc.info>
Date: Thu, Oct 12, 2017 at 2:38 PM
Subject: W2 paperless
To:

Dear Account Owner,

Our records indicate that you are enrolled in the Virginia Commonwealth University paperless W2 Program. As a result,
you do not receive a paper W2 but instead receive e-mail notification that your online W2 (i.e. “paperless W2”) is
prepared and ready for viewing.

Your W2 is ready for viewing under Employee Self Service. Logon at the following link:  Click here (Malicious link redacted)

If you have trouble logging in to Employee Self Service at the link above, please contact

Mail to
VCU Payroll Services
P. O. Box 842511
Richmond VA 23284-2511

or Deliver to
Human Resource Building
104 North Belvidere Street

or Fax to
(804) 828-3200
On completion of successful logon you can download and open the word document via this link now and enter your zipcode to see your 2017 open enrollment access info.

AAHUTI GUPTA
FINANCIAL ADMINISTRATOR
VCU HR DEPARTMENT

Comments Off on W2 Scam (10/12/17)