Since UVM runs a fax system, RightFax, it might not be surprising to receive a notification via email that one has an incoming fax.  But this one is fake, and it carries a dangerous attachment:

Please do not attempt to open the attachment in the message, and don't reply to it; simply delete the email.  

The Word document attachment in this scam looks innocent enough, but as with all attachments, it is dangerous to open an attachment you were not expecting.  This attachment carries malicious software, W97M/Downloader.adx , that few antivirus products are currently able to detect. 

What to do if you've opened the attachment

If you've opened, or tried to open, the attachment in the message, you should disconnect your computer from the network immediately (unplug the Ethernet cable or turn off Wi-Fi) -- but do not shut the computer down.   Then change your UVM Net-ID password at www.uvm.edu/account.  Scan your computer for viruses and other malicious software and contact your department's IT support personnel or the Information Security Operations Team (at iso@uvm.edu). 

For more information about phishing scams, view our Web page on protecting your NetID and password. 

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report scams and spam, please see "how to report concerns" on UVM's information security web page.