Several suspicious emails have been circulating among University email addresses in recent months, encouraging students to follow links in the email with various messages such as account deactivation notices and security upgrades.
The emails are often signed by seemingly legitimate organizations such as “U.Va. Account Team” and “IT HelpDesk,” but Information Technology Services is telling students not to respond to or click any of the links and to immediately delete any emails of this nature.
First-year College student Theresa Mai received one of these emails, which referenced a Yahoo account deactivation. She said she knew it wasn’t real and deleted it right away.
“I never thought it was real,” Mai said. “It said, ‘Your request to shut down your Yahoo account wasn’t processed,’ and I don’t have a Yahoo account.”
Mai said the person she received the email from was someone she actually knew and said they probably opened the link and were hacked.
“It was from a U.Va. computing ID — I actually knew who it was,” Mai said. “It was my Madison House coordinator, so it didn’t make any sense.”
Other spam emails include one from “Mail Admin,” that notes “we received your instructions to close your account” and directs the user to visit their account “dashboard” and “cancel this request.”
Clayton Lockhart, assistant vice president for enterprise infrastructure in the Office of the Chief Information Officer, said these types of attacks — called “phishing attacks” — can be very dangerous for students and faculty.
“In these kinds of phishing attacks, hackers are sending our students and our faculty and staff various different emails that look enticing to open up and to click on various hot links,” Lockhart said. “When you do that, a lot of times malware is automatically loaded onto your PC or your iPhone.”
Lockhart said clicking on the links can also lead to a chain of reactions that can cause blacklisting of University email addresses by email providers. These providers restrict the number of emails sent by blacklisted addresses because the addresses are viewed as having strange behavior or sending spam.
“It starts with the phishing attacks, effectively people clicking on things they shouldn’t, [and] strange email patterns coming out from that,” Lockhart said. “[Then] the blacklisting by other email providers, and then again the back effect on users at U.Va. saying ‘Why am I seeing these strange email behaviors? It looks like my email isn’t being sent.’”
Lockhart said he encourages students and faculty to use discretion when opening links and emails.
“When people send you emails, you have to say to yourself ‘Is this really the address I was expecting? Is this a regular email? Is this an address I trust or, if I hover over that link, is it really a link that looks like it’s safe, or not?'” Lockhart said. “You kind of have to avoid the temptation to go open up and click on different things in your email because they might actually be malicious.”
ITS maintains a list on its website of suspicious emails known to be affecting members of the University community. Over 70 different emails have been posted on the website since the beginning of 2016.
Read More
The ‘Batten Curve’ — what’s the big deal?
By Bennett Galper and Nina Broderick | 2 days agoBatten students are also involved in conversations about potential policy changes, with some taking an active role in advocacy efforts.
UJC sees “major influx” of cases with 38 adjudicated so far this term
By Ford McCracken | 3 days agoAlongside an increase in cases, the Committee saw increased interest during recruitment
Shots fired reported on 800 block of Hardy Drive
By Thomas Baxter | 4 days agoLongo said to avoid the area for the time being.
