Examples of Phishing and Scam Emails
Key Items to Look for in Suspicious Emails
Below are some examples of actual phishing and scam emails received by UVA community members,
in which the most common or key markers of phishing emails are indicated. Please review these
carefully so you don't become the next victim.
Example Spam/Phishing Email Message #1
- UVA will never send a message like this. Even if you were to ask UVA to delete your account (highly unlikely), you would be communicating with UVA through verifiable channels and probably by voice communication with a verified UVA staff member, not in an email like this.
- Notice the tone of urgency, indicated by a 24-hour deadline, along with an implied threat, indicated by the words "your account will be lost". A tone of urgency and an implied or veiled threat to those who do not act will generate fear, a key tactic phishers use to deceive us, and to push us to act without thinking. UVA will never threaten you; in fact, no reputable institution will ever threaten you in any communication.
- Hover over any included links (i.e. hypertext, graphics, buttons) before clicking them. As seen above, the hyperlink text says it will "CANCEL REQUEST IMMEDIATELY", but when you hover over the link, you see that the actual URL takes you away from UVA servers. Clicking this link would make your information and data available to hackers — if there is no match between the apparent URL and the real URL, delete the message.
- UVA will never send you a message to which you cannot reply. We will never have an "address that cannot be answered."
Example Spam/Phishing Email Message #2
- As phishing and scam emails become more prevalent, hackers can get more creative in their
malicious attempts. As shown here, hackers sometimes become aware of legitimate UVA email
campaigns and recreate legitimate UVA language. For this reason, it is very
important to always read the entire message to ensure its validity.
*!* This is a reminder of the importance of hovering over URLs before clicking them — the URL that appears to take you to "netbadge.virginia.edu/myaccount/reactivation.html" does NOT take you to a UVA website. Despite this seemingly valid message, there is always a way to find the phish. *!*
- Again, hackers will often use legitimate content in an attempt to trick us into clicking the malicious content. Though the sender's email address appears to be a legitimate virginia.edu address, smart users would ignore this trick once they saw the discrepancies between the apparent URL and the real URL above.
Wire transfer requests are just one example of popular scam emails. These involve an attempt to get the recipient to process a payment for non-existent goods or services by way of a wire or credit transfer. They often pose as urgent messages from those high up in an organization, such as a CEO or senior executive.
According to Symantec, "If you receive a wire transfer request that seems out of the ordinary, always check that the sender is who they say they are. Ask yourself: is it normal procedure for your CEO to decide that you're the best (or only) person to help in that situation?"