Archive | January, 2017

Wire Transfer Scam (1/31/17)

In the following scam, the scammer pretends to be a senior management staff member in the University and attempts to contact fiscal administration staff in hopes of initiating fraudulent wire transfers. These scams are usually very targeted and well crafted, and is designed to steal money from the University. The generic message is usually a sign for these scams. When these emails are received, it is always a good idea to check with the senior management staff via phone or another communications mechanism to ensure the legitimacy of the email. Alternatively, you can always contact VCU IT Support Center for assistance in the verification of the email.



Date: Mon, Jan 30, 2017 at 10:37 AM

Hi yyyyyyy,

Are you at the office? Write me back when you are.
Sent from my iPhone.

Comments Off on Wire Transfer Scam (1/31/17)

Apple GSX phishing scam (1/18/2017)

The following scam is designed to target University IT personnel and attempts to trick these personnel into providing login information to the scammer. This scam is sophisticated in a way that the attacker have spoofed the identity of an Apple email server. However, the tell-tale signs of the scam appears in the form of an unknown reply email address at and the mis-spelling and grammatical errors. Most of all, any reputable organizations will never ask you to email your password and other credentials to an email address. If you received this email, please delete it.


From: Global Service Exchange <>
To: <ITpersonnel>
Subject: GSX access password update


Please note that due to some security breach some of the GSX accounts were compromised and there is an risk that this may be used by other parties.

In order to avoid this, please change the GSX account password and then forward the new login details together with “Two Step Verification Rekovery Key” to email address: in order to update it in our files also.

IS&T Accounts Security

Comments Off on Apple GSX phishing scam (1/18/2017)

Refund scam (1/17/17)

The following scam attempts to trick its victims into contacting a scammer in promise of money. Notice the generic gmail account used for the scam, the too good to be true message, and sense of urgency; all of which are signs of a scam. If you received this message, then please ignore and delete it.


From: Ola []
Sent: Tuesday, January 17, 2017 11:38 AM
Subject: your late uncle’s fund

How are you today I hope this message meets you well? I have tried to reach you many times concerning your late uncle’s fund with my bank.
Please read attached letter and get back to me a.s.a.p.
Mr. Daniel Sako

Comments Off on Refund scam (1/17/17)

Email account security scam (1/4/17)

The following scam attempts to trick its victims into clicking on a malicious link, which will then steal the login information from the victims. Notice the generic language, non-VCU link, and poor grammar; all of these are signs of a scam. Please delete this message if you received it.


From: Audrey Millan <Audrey_Millan@xxxxnet>
Date: January 3, 2017 at 18:13:14 EST
To: Undisclosed recipients:;
Subject: [EXTERNAL] Important: Securing Your Mail Account

To All Employees\Staff,
We are currently make some changes to our online system due to recent upgrade in Payroll and HR Systems to enable us provide secured services.
Please confirm your access details to avoid service interruption using the secured link (Malicious link removed)
Thank you.
Comments Off on Email account security scam (1/4/17)