"UVM ACTION NOW" - received October 30, 2024
You pretty much never need to verify any account like this - and certainly not your UVM account. When an email is telling you something alarming and asking you to take urgent action, take a second to reread and check for red flags (e.g., strange wording, many typos, unfamiliar sender, short link used to disguse website).
"2024 Internship Program (Remote)" - received October 18 & 25, 2024
This is a scam email that was unfortunately able to spoof the UVM HR address. Never trust job offers that direct you to contact someone via an external email or phone number. Actually, maybe just never trust unexpected job offers at all, especially if the pay seems too good to be true.
"[Your name]" - received September 2, 2024
The actual body of the email may contain your address and other personal information, likely obtained from a third-party data breach. Check your email address at https://haveibeenpwned.com/ to see if your information has been exposed.
The attached PDF utilizes the information obtained to try to scare you into paying to prevent compromising videos of you (which they do not actually have) from being released. This is a common scam, but a higher effort and more uncomfortable one for folks to receive. Regardless, never pay a blackmailer and put this email in the trash if you receive it (or forward to abuse@uvm.edu).
"[Advanced Account verification for FSU]2FA Authentication", "[Enhanced Account Security as an alternative to 2FA ]Authentication." - received July 19, 2024
You can probably safely assume literally any email with a QR code in it is a scam.
"Scheduled Message - 372b2deb8fe25b7bbeb35d36bb25a044b128a4d6" - received June 14
This is definitely a scam. Even if something looks like it could plausibly be from UVM, make sure it's actually sending you to a real UVM website before clicking any links.
"ITS Help Desk Account Maintenance" - received March 22, 2024
SO many red flags in this one. UVM would never ask you to text a random phone number your password for ANY REASON. You should also never enter a passcode for Duo anywhere other than the UVM login page, nor approve any push notifications that are associated with anything other than you yourself logging in (regardless of what some email tells you to do).
Additional hint: If something asks for your Passw0rd, it is for sure a scam.
"Important Message for All Faculty - Staffs" - received March 20, 2024
Not sure why the "Financial Aid Department" would want you to enter your password into a Google form in order to read your mysterious unread messages, unless... wait - it's a scam!
Always check the link before clicking (it should be a uvm.edu address if it's something like this) but also think about whether what they're asking you to do makes sense. Feel free to forward to abuse@uvm.edu and ask if you're not sure.
"Salary Adjustment Acknowledgement" - received March 20, 2024
This is a phishing scam and it is extremely not appreciated. Don't open shady attachments from external senders, folks.
"CAVAS NOTIFICATION" - received January 26, 2024
Canvas? What? No, this one is definitely not legitimate.
"Response for you're doing" - received January 24, 2024
This is another scam utilizing the fact that it's very easy to spoof the "From" address on emails. This person does not actually have access to your account, but is trying to alarm you into thinking they do. Our spam filters catch most of these, but this one unfortunately made it through to some folks. You can safely discard this email if you received it.
"Notice!" - received January 17, 2024
A "Notice!" about "University of Vermont News" from a non-UVM address is enough reason for skepticism, but as always, hovering over the link will let you know for sure. Despite having uvm-edu in the first part of the address, this link leads elsewhere (to a phishing site that attempts to steal your password).
"I strongly recommend you check the information in this email" - received January 7, 2024
This one is a scam utilizing the fact that it's very easy to spoof the "From" address on emails by trying to scare you into thinking someone else has access to your account. Our spam filters catch most of these, but this one unfortunately made it through to some folks. You can safely discard this email if you received it.
"Student Employment Services" - received December 12, 2023
Too good to be true? Yes!
"Notice From Microsoft`" - received December 12
This is not really from Microsoft and it is not legitimate. Put this one right in the trash.
"IT Support - Important Update" - received December 8
....what are email address hours even? This one is definitely a scam.
"Individual Assistance Program" - received November 2, 2023
This email is a scam, preying on folks who really need the money. If you hover over the link with your cursor, you can see it's sending you to a non-UVM website where it asks you for UVM credentials. UVM would not do this.
"ACTION REQUIRED NOW!" - received October 26, 2023
QR code abuse is becoming one of the most common ways to lure the unwitting into visiting phishing websites (like this one) or sites serving malware to anyone who visits. UVM wouldn't ask you to conduct any important business by hiding the target site's address in this way - be very skeptical of any QR code that you aren't expecting to see!
LEGITIMATE - "Your key audit is OVERDUE"
This is a legitimate email from the Division of Safety and Compliance - The key audit is a critical exercise that requires your response. If you have received this email, please complete the survey right away!