Archive | Uncategorized RSS feed for this section

IT helpdesk scam (3/27/17)

The following scam attempts to steal your login credentials. Notice the  non-VCU email address, the generic language, and the masked link going to a non-VCU website; all of these are tell-tale signs of a scam. Please delete this message if you received it.


From: []
Sent: Monday, March 27, 2017 7:57 AM
Subject: [EXTERNAL] IT Helpdesk update


Welcome to the new outlook web app for Staff and Students

The new Outlook Web app for Staff/Student is the new home for online self-service and information.

Click here on Updated portal  (malicious link redacted) and login to:

  • access the new staff/student directory
  • access your pay slips and P60s
  • update your ID photo
  • look up student records using the contact search facility
  • use our quick links at the bottom of each page to help you find relevant tools and information about upcoming events.
Leave a Comment

Online W-2 Scam (3/24/17)

A very easily identifiable scam has been making the rounds at VCU. If you receive this email, do not click any links, and just delete it. Notice that VCU is “VUC,” this is something that attackers often try to use to fool unsuspecting employees.


From: noreply <Mr.>
Date: Fri, Mar 24, 2017 at 12:30 PM
Subject: [SUSPECTED SPAM]Your online W-2 form is now available

Welcome V.U.C Employees
Calendar year 2016 W-2 forms are now available for viewing/printing for employees. 
You can access your electronic W-2 form for 2016 now.
Login Account


Copyright © 2017 vuc Portal

Leave a Comment

Targeted Job Scam (2/16/17)

The following scam targets students with the promise of a good paying job without any form of interview. In reality, the scammer will send fraudulent checks to the students and steal money from their bank accounts. Please remember that no employer will offer you a job without any form of application, interview or selection process. If you see any of these “too-good-to-be-true” offers, then they are most likely not true, and you should delete these emails right away.


From: Daniel Richter <>
Date: February 16, 2017 at 9:36:46 AM EST
To: Undisclosed recipients: ;

Please see attached..


Comments Off on Targeted Job Scam (2/16/17)

Say “Yes” Phone Scam (2/6/17)

This phone call scam works by tricking its victims to say “yes” over the phone. The scammers will usually try to strike up a conversation with the victim, and in the middle of the conversation, then scammer will then ask the victim “Can you hear me?”, “Do you live in Virginia?” or “Are you an employee of VCU?”. The natural response for all of us may be to reply with “Yes”, but this is exactly what the scammers want. When the victim reply with “Yes”, the scammers will record the victim’s voice so that it can then be played back to victim after the scammer sends fraudulent invoices to the victim; citing the victim agreed to all of the services. Alternatively, the scammer can also use the voice recording of the victim to trick automated answering systems to conduct identity theft operations by signing up for various services and products using the victim’s identity. If you receive a phone call from an unknown number, you should be very careful when answering it; If the person on the other side of the line is an unknown individual and is attempting to ask you yes / no questions, you should hang up immediately and report the number to police.

Comments Off on Say “Yes” Phone Scam (2/6/17)

Wire transfer scam (2/6/17)

The following email is a targeted phishing scam designed to trick its recipient into issuing a wire transfer to the scammer. In this scam, the scammer pretends to be a senior VCU administrator, and notifies the recipients, who usually reports to this administrator, of an upcoming wire transfer. Notice the generic email, non-VCU email address, and sense of urgency; all of which are tell tale signs of a scam. It is always a good idea to contact the senior administrator directly via phone or another alternate communications channel before responding to these requests. Please delete this email if you received it.


Date: Mon, Feb 6, 2017 at 9:42 AM
Subject: RE:

Are you available? I have an outgoing transaction i need you to expedite today. Let me know when to send the details to you.


Comments Off on Wire transfer scam (2/6/17)

Lottery winner scam (2/2/17)

The following scam attempts to trick its victims into providing the scammers with their personal information. Notice the sender’s email, unknown lottery organization, and the too-good-to-be-true message; all of which are tell-tale signs of a scam. Please delete this message if you received it.


From: Info Desk <>
Date: Wed, Feb 1, 2017 at 4:43 PM
Subject: respond accordingly, you won

<PDF attachment – screenshot shown below>

Comments Off on Lottery winner scam (2/2/17)

Important Tax Document Available (2/2/17)

This phishing attempt is coming through at one very important time of the year. For VCU employees and faculty, please remember that your tax documents are provided through Banner only. If you receive this email, do not click the link. Delete it immediately, and do not forward it on to anyone else.


From: B, Lorraine <>
Sent: Thursday, February 2, 2017 10:05 AM
Subject: [EXTERNAL] Important Tax Document Available

A new tax document is now available to view online. To access your tax document, Log in to Tax Documents.

Comments Off on Important Tax Document Available (2/2/17)

W2 Scam (2/1/17)

The Following scam impersonates a VCU health system employee in order to trick the recipient into entering W2 information.  If you receive this scam please ignore and delete it.
From: <>
Sent: Wednesday, February 1, 2017 9:53 AM
Subject: [EXTERNAL] Paperless Account Information

Dear Account holder,

Our records indicate that you are enrolled in the the VCU health paperless W2 Program. As a result, you do not receive a paper W2 but instead receive e-mail notification that your online W2 is prepared and ready for viewing.

Your W2 is ready for viewing under Employee Self Service. Logon at the following link:

Click here to logon

If you have trouble logging in to Employee Self Service at the link above, please contact your administration Department for support.

If you would like to un-enroll in the Paperless W2 program, please logon to Employee Self Service at the link above and to to the W2 delivery Choice webpage and follow the instructions.

Elizibeth Saunders
VCU Health System
PO Box 980483
701 East Franklin Street
Richmond VA 23298-0483
O: 804.628.5315
M: 804.240.0040

Comments Off on W2 Scam (2/1/17)

Wire Transfer Scam (1/31/17)

In the following scam, the scammer pretends to be a senior management staff member in the University and attempts to contact fiscal administration staff in hopes of initiating fraudulent wire transfers. These scams are usually very targeted and well crafted, and is designed to steal money from the University. The generic message is usually a sign for these scams. When these emails are received, it is always a good idea to check with the senior management staff via phone or another communications mechanism to ensure the legitimacy of the email. Alternatively, you can always contact VCU IT Support Center for assistance in the verification of the email.



Date: Mon, Jan 30, 2017 at 10:37 AM

Hi yyyyyyy,

Are you at the office? Write me back when you are.
Sent from my iPhone.

Comments Off on Wire Transfer Scam (1/31/17)

Apple GSX phishing scam (1/18/2017)

The following scam is designed to target University IT personnel and attempts to trick these personnel into providing login information to the scammer. This scam is sophisticated in a way that the attacker have spoofed the identity of an Apple email server. However, the tell-tale signs of the scam appears in the form of an unknown reply email address at and the mis-spelling and grammatical errors. Most of all, any reputable organizations will never ask you to email your password and other credentials to an email address. If you received this email, please delete it.


From: Global Service Exchange <>
To: <ITpersonnel>
Subject: GSX access password update


Please note that due to some security breach some of the GSX accounts were compromised and there is an risk that this may be used by other parties.

In order to avoid this, please change the GSX account password and then forward the new login details together with “Two Step Verification Rekovery Key” to email address: in order to update it in our files also.

IS&T Accounts Security

Comments Off on Apple GSX phishing scam (1/18/2017)