Kansas State University

search

Scams

Month: February 2013

Phishing Scam – 2/28/2013 – Storage Limit Exceeded

Origin ISP and web host have been notified. Url is active and blocked at the border as well as submitted to Trend.

Second scam origin ISP and both web host have been notified. URL was reactivated by web host. Both URLs are blocked at the border. Long URL submitted to Trend for second time.

From: Helpdesk <ch3952@ship.edu>
Date: Thu, 28 Feb 2013 08:36:14 -0800
Subject: Storage Limit Exceeded

Dear members,

You mailbox has exceeded it storage limit as set by your administrator, and you will not be able to send or receive new mail until you re-validate it by clicking here, http://wemailupgradeteam.webs.com/

System Administrator.

From: Oliva Blanchette
Subject: Storage Limit Exceeded
Date: Thu, 28 Feb 2013 18:42:32 +0000

Dear members,

You mailbox has exceeded it storage limit as set by your administrator, and you will not be able to send or receive new mail until you re-validate it
by clicking here, http://ow.ly/i8P8f
http://wemailupgradeteam.webs.com/

Regards,
Technical Team.

Phishing Scam – 2/28/2013 – Webmail Account Security Update

Origin ISP has been notified. URL is inactive, blocked by Trend and at the border.

From: Alarcon, Iris <Iris_Alarcon@dpsk12.org>
Subject: Webmail Account Security Update
Date: Thu, 28 Feb 2013 14:12:30 +0000

Dear User.

This email is to notify you that your Webmail Account will be suspended within 24-hours of this notification due to enormous Login attempt from different IP locations with wrong Credentials. We are

taking heavy security measure in protecting our Users due to a potential security breach at our data center lately. Protecting the security of your Account is our primary concern, we have limited

Access to sensitive Webmail features. Failure to re-validate, your e-mail will be blocked in 24 hours. To Confirm Your E-mail Account security click on our secure link below.

http://urlredo.com/adminservice

And if you can not click the above link, kindly copy the link and paste on your web address.

Thank you for your cooperation.
System Administrator.

Phishing Scam – 2/27/2013 – ATTENTION

Origin ISP and web host have been notified. This URL is active and blocked
at the border. Has been submitted to Trend.

From: Kansas State University <lombardojn@tiffin.edu>
Subject: ATTENTION
Date: February 27, 2013 2:51:49 PM CST

We would like to inform you that we are currently carrying out
scheduled maintenance and upgrade of our webmail service and as a
result of this; our client has been changed and your original password
will reset. We are sorry for any inconvenience caused.

You are to Verify your webmail Account by clicking the link below;

http://signinkstateedu.webs.com/

If you can’t click the above link, copy and paste on your browser address.

Phishing Scam – 2/27/2013 – Email Quota Alert

Origin ISP and both web host have been notified. URL is active and block at the border as well as submitted to Trend.

From: David Savidge <Savidged@udasd.org>
Subject: Email Quota Alert
Date: Wed, 27 Feb 2013 21:25:05 +0000

Dear members,

You mailbox has exceeded it storage limit as set by your administrator, and you will not be able to send or receive new mail until you re-validate it
by clicking here, http://ow.ly/i61ni
http://webmailupgradeteam2013.webs.com/

System Administrator.

Phishing Scam – 2/26/2013 – New Message

Origin ISP and web host have been notified. URL is active, blocked at the boarder, and has been submitted to Trend.

From: “Boston University” <smithry@bu.edu>
Subject: New Message
Date: Tue, 26 Feb 2013 20:16:22 +0330

Dear Member,

You Have 1 New Message

Click here to read
http://www.leveleuk.com/brazilian-lacewigs.com/banner/bu.edu.htm

Sincerely,
2013 Trustees of Boston University

Phishing Scam – 2/26/2013 – Two Incoming Mail

Origin ISP and web host have been notified. URL is active.

From: Anne Katrine Kaae Hansen <dr.akh@dadlnet.dk>
Date: Tue, 26 Feb 2013 14:42:27 +0100
Subject: Two Incoming Mail

Your mailbox has exceeded it storage limit set by your administrator,To confirm the validity of your email and to prevent your account from deactivation.-> click here
https://docs.google.com/a/ersaotomasyon.com.tr/spreadsheet/viewform?formkey=dC1iM0dvLUx4OUNYZHkyMnpnNG9BREE6MQ

Phishing Scam – 2/22/2013 – Your mailbox is under automatic deactivation

Origin and reply to ISP’s have been notified. URL has been blocked at the border.

Date: Fri, 22 Feb 2013 02:04:30 +0100
Subject: Your mailbox is under automatic deactivation
From: Mailbox Help Desk Support <parker_jenny1@columbusstate.edu>

Dear Email User

Mailbox Errors, Your mailbox account is under automatic deactivation. Correct
the mailbox error now to avoid deactivated.  To correct email errors Click
Here <http://iexkxls.tk/> OR this link: http://iexkxls.tk/ , Failure to correct
email errors, your mailbox will be deactivated under 24 hrs.

We sincerely apologize for any inconvenience

Help Desk Support

Phishing Scam – 2/25/2013 – Please validate your Account to avoid deactivation

Origin ISP and web host have been notified. URL is active.

From: “HUSSAIN, Linda” <Linda.HUSSAIN@spirehealthcare.com>
Date: Mon, 25 Feb 2013 18:54:49 +0000
Subject: Please validate your Account to avoid deactivation

Dear User,

As part of our regular maintenance done on the exchange mail servers, Microsoft System Administration is currently working to improve on the security, functionality and performance of all our Microsoft Outlook Webmail Access Accounts as we periodically review certain Accounts which are vulnerable to Unauthorized Access or has not been used/accessed over a period of time will be deleted to conserve storage. However, your Account has been detected and queued up to be deleted from our DB. Please note that the mail in the deleted mailboxes will NOT be recoverable.

To remove this limitation and initiate your Account Update and activation process, please click here
<https://docs.google.com/forms/d/1dmlpaQ-0bWCi6piwjsfbNLlZIrnC22_oxGWZlTl4WLk/viewform>
to complete and validate your Account.

Thank you for your co-operation
Webmail Management Team

Phishing Scam – 2/25/2013 – Email Quota Alert

Origin ISP and both web hosts (long and short URLs) have been notified. Both URLs are active and not blocked by Trend. Long URL has been submitted to Trend and both are blocked at the border.

Subject: Email Quota Alert
From: Helpdesk<jia-s11@mails.tsinghua.edu.cn>
Date: Mon, 25 Feb 2013 09:09:43 -0800

Dear members,

You mailbox has exceeded it storage limit as set by your administrator, and you will not be able to send or receive new mail until you re-validate it by clicking here,
http://ow.ly/i1RxN
http://www.mypacificcourt.com/forms/use/web/form1.html

System Administrator.

Phishing Scam – 2/25/2013 – MESSAGING CENTER

Origin ISP and web host have been notified. URL is active.

From: Louise Siminausky <LSiminausky@mail.east-haven.k12.ct.us>
To: info@web-upgrade.de <info@web-upgrade.de>
Date: Mon, 25 Feb 2013 06:59:38 -0500
Subject: MESSAGING CENTER

This message is from ADMINISTRATOR MESSAGING CENTER to all our account owners. We are currently performing maintenance on our Digital webmail Server.
We intend upgrading our Security Server for better online services due to spam mail and virus. And You Will Not Be Able To Receive New Mails Until You Re-Validate It. To Re-Validate – >Click Here:
<https://docs.google.com/forms/d/1wk2RGtYhCKlpOlejU-M95tYHBN25t8DAyz2aI-y4Gzg/viewform>\>

Please you have to response to this email immediately to prevent your account from being deactivated during this exercise.

System Administrator