Archive | Uncategorized RSS feed for this section

President of VCU Phishing attempt (10/23/17)

Below is a phishing attempt to get the user to open a malicious PDF.  Notice the unknown sender’s email address, generic language, and non-VCU or VCUHS link; all of these are signs of a scam.
_________
From: Karen Deveney <deXXXXXXX[@]ohsu[.]edu>
Date: Mon, Oct 23, 2017 at 10:59 AM
Subject: FW:[ATTENTION REQUIRED] Virginia Commonwealth University Employee Organizational Internal Communications
To: VICTIM@vcu.edu
Image result for vcu.edu
FROM THE OFFICE OF THE PRESIDENT

Dear Colleagues,

Integrity has long been a hallmark of our success. It characterizes everything we do. In fact, when we talk about the core values of our company, we start with integrity. Integrity means being straight forward, honest, and transparent in our professional and business relationships. This means doing what we say and saying what we do.

Each of us makes a wide range of business and ethical decisions every day in the execution of our responsibilities on behalf of VCU. We are fully committed to ensuring that such decisions comply with the letter and spirit of the law and are ethically above reproach.

This Code of Ethics and Business Conduct is a guide to making the best possible decision in situations affecting your fellow employees or our shareholders, customers, and partners, as well as the communities in which we live and work. In simple terms, our Code contains the guidelines we must all follow to do business the only way we should: the right way.

NOTE: It is fundamentally Urgent that all staffs read attached.

Michael Rao, Ph.D.
President, VCU and VCU Health System
Virginia Commonwealth University
Image result for vcu.edu
910 West Franklin Street
Box 842512 l Richmond l Virginia l 23284-2512

NOTE:  The attached file is in an Acrobat Reader PDF document.  If you cannot read this document, please download the FREE Acrobat Reader at http://www.adobe.com/acrobat
Leave a Comment

Bounced Inbox Message Scam (10/17/17)

The following scam attempts to trick its victims into clicking on a link, which will subsequently attempt to steal information from the victim. Notice the unknown sender’s email address, generic language, and non-VCU or VCUHS link; all of these are signs of a scam. Please delete this message if you received it.

__________________________________________

From: conqrent@sh6.hosty.nl [mailto:conqrent@sh6.hosty.nl]On Behalf Of Bounced Inbox Messages
Sent: Monday, October 16, 2017 6:41 PM
To: xxxxxxxxx <xxxxxxxxxx@vcuhealth.org>
Subject: [EXTERNAL] Message Delivery : You Have 34 Unprocessed/Pending Messages to be Delivered

 

Dear xxxxxxx@mcvh-vcu.edu ,

This message is to inform you about your Pending messages, that have bounced back
which are listed below on your Pending Folder enlisted are actions that can be taken:

 

  1. Action Select toRestore pending messages (Malicious link redacted)
    II. Action Select to Forward a copy of the message (Malicious link redacted) to IT Administrators for analysis.

 

 

Note : Messages will be lost and damaged if the above actions are not performed

Office Mail Delivery Notice

Leave a Comment

Facebook Login Attempt Scam (10/17/17)

The following scam attempts to trick its recipients into clicking on a link, and will subsequently steal their user credentials. Notice the vague wording of the email, them email address from someone you dont know, and sense of urgency, all of which are signs of a scam

_______

From: <D.Tracey@positivecoupon.com>
Date: Tue, Oct 17, 2017 at 8:50 AM
Subject: Did you attempt to log into my facebook by accident?
To: victim@vcu.edu


Was this you …..?

We have detected an unauthorized login attempt. 10 or more incorrect passwords in a row were attempted. Please log int to veify any changes.

Leave a Comment

Bank account scam (10/16/17)

The following scam attempts to trick its victims into clicking on a link which subsequently is designed to steal information from the victim. Notice the non Charles Schwab sender’s email address, generic language, and the non Charles Schwab website; all of these are tell-tale signs of a scam. Please delete this message if you received it.

___________________________________________

From: SCHWAB ITSupport [mailto:reidar.xxxxxx@bredband.net]
Sent: Monday, October 16, 2017 8:47 AM
To: ALERTS1@SCHWAB.COM
Cc: ALERTS1@SCHWAB.COM
Subject: [EXTERNAL] Account

 

 

We are currently updating and verifying all active SCHWAB accounts. Click here (Malicious link redacted) to perform the SCHWAB Account maintenance to allow pending e-payments.

Comments Off on Bank account scam (10/16/17)

Payment notice scam (10/12/17)

The following scam attempts to trick its victims into clicking on a link. Once the person clicks on the link, the malicious website will attempt to steal the individual’s banking credentials. Notice the non-Chase bank sender’s email address and the obscured link; both are tell tale signs of a scam. Please delete this email if you received it.

____________________________________________

From: Susie Owens [mailto:susie.xxxxxx@hotmail.com]
Sent: Thursday, October 12, 2017 10:38 AM
To:
Subject: [EXTERNAL] Your new Chase payment notice

 

Hello John XXXXXX,

You sent an instant payment of $2262.84 to Stone, Cheryl L.
Allow up to 10 minutes for a transaction to appear on you account.

See your transaction details below. (Malicious link removed)

Chase. Forward Thinking

Warm Regards,
Michael Jones

Please do not reply directly to this email box. This email address is for sending purposes only and you will not get a response.

Comments Off on Payment notice scam (10/12/17)

W2 Scam (10/12/17)

From: <Richard@bxxxxxxxxsc.info>
Date: Thu, Oct 12, 2017 at 2:38 PM
Subject: W2 paperless
To:

Dear Account Owner,

Our records indicate that you are enrolled in the Virginia Commonwealth University paperless W2 Program. As a result,
you do not receive a paper W2 but instead receive e-mail notification that your online W2 (i.e. “paperless W2”) is
prepared and ready for viewing.

Your W2 is ready for viewing under Employee Self Service. Logon at the following link:  Click here (Malicious link redacted)

If you have trouble logging in to Employee Self Service at the link above, please contact

Mail to
VCU Payroll Services
P. O. Box 842511
Richmond VA 23284-2511

or Deliver to
Human Resource Building
104 North Belvidere Street

or Fax to
(804) 828-3200
On completion of successful logon you can download and open the word document via this link now and enter your zipcode to see your 2017 open enrollment access info.

AAHUTI GUPTA
FINANCIAL ADMINISTRATOR
VCU HR DEPARTMENT

Comments Off on W2 Scam (10/12/17)

Low Storage Scam (10/11/17)

The following scam attempts to trick its victims into clicking on a link, which will subsequently attempt to steal the victims’ information. Notice the non-VCU email address, scary subject line, random characters in email and the non-VCU link; all of them are tell-tale signs of a scam. Please delete this message if you received it.

_______________________________________

From: <Juxxx.D@xxxxxxxcoupon.com>
Date: Wed, Oct 11, 2017 at 9:19 AM
Subject: Low Storage Space – Email Notification
To:

Your E-mail box is reacheing its maximum limit of storage and Your account will be disabled if you do not update now. Follow the instructions to upgrade to more storage space Your account will remain active after you have confirmed your account successfully.

Email Server Settings (Malicious link removed)

Mail Server Administrator

Comments Off on Low Storage Scam (10/11/17)

Be a winner scam (10/11/17)

The following scam attempts to trick its victim into clicking on a malicious link, which downloads a malicious Microsoft Document file that can be used by the scammers to remotely take control of the victims’ computers or steal information from the victims. Notice the non-VCU sender’s email, the generic language, and the masked link that goes to a non-VCU site; all of these are tell-tale signs of a scam. If you received this scam, then please delete it.

______________________________________________

From: F.xxxxx@xxxxxxlay.us
Date: 2017-10-11 9:31 AM
To:
Subject: VCU RAMS

Be a winner.

Everything you do on VCU Fan House earns you points toward awesome perks, prizes and experiences from the VCU Department of Athletics

 

Simply sign in daily, earn points and see if you’re a winner! The more you do, the greater your chances are of winning!

 Review the latest list of winners for week ending 10 May 2017. Click on the list of winners here. (Malicious link redacted)

Comments Off on Be a winner scam (10/11/17)

You have a document waiting (9/22/2017)

The following scam attempts to trick its recipients into clicking on a link to sign a document, and will subsequently steal their user credentials. Please delete this message if you received it.

 

———- Forwarded message ———-
From: <F.Rayser@companyrelay.us>
Date: Fri, Sep 22, 2017 at 10:12 AM
Subject:
To: victim@vcu.edu

 

You have a document waiting from:

<<xxxxxx>>

Please sign the below Document

Finance_report_first_quarter_2017 <<Link removed>>

 

Comments Off on You have a document waiting (9/22/2017)

Library Account Phishing Attempt (9/18/2017)

The following scam attempts to trick its recipients into clicking on a link, and will subsequently steal their user credentials. Notice the non-vcu email address,  the incorrect login link, the fake VCU phone number, a toll free number, and the content of the email which tries to convey a sense of urgency; all of which are tell-tale signs of a scam. Please delete this message if you received it.

_____________________________________________________

From: Library.vcu.edu <xxxxxxxs@giresun.edu.tr>
Date: 17 Sep 2017 12:32:50
Subject: Library Account
To:

 

Dear Member,

Your access to your library account is expiring soon due to inactivity. To continue to have access to the library services, you must reactivate your account.
For this purpose, click the web address below or copy and paste it into your web browser. A successful login will activate your account and you will be redirected to your library profile.

http://login[.]vcu[.]REDACTED/cas/login

If you are not able to login, please contact Sarah Miller at shmiller@vcu.edu for immediate assistance.

Sincerely,

Sarah Miller
VCU Libraries
James Branch Cabell Library
Monroe Park Campus
901 Park Ave., Richmond, VA 23284-2033
Toll-free: (844) XXX-XXXX (REDACTED)
(804) 828-1111

Comments Off on Library Account Phishing Attempt (9/18/2017)