Kansas State University

search

Scams

Month: March 2013

Phishing Scam – 3/30/2013 – Verify your email address

Origin and Reply-to ISPs have been notified. Reply-to address submitted to APER.

From: “Admin” <webservice2@hawaiiantel.net>
To: all-users@email-list.com
Reply-To: upgrade.services2@hawaiiantel.net
Subject: Verify your email address
Date: Sat, 30 Mar 2013 18:04:31 +0800

Important Updates to your Email Security

Date: 3/30/2013

We regret to announce that we would be making some scheduled vital
maintenances and significant upgrades to the Webmail system. During this
process, you might experience some login problems while accessing your
account. A much needed Security Update and maintenance is to be carried out
shortly. All Users are hereby, required to participate in our simple
maintenance process and security test.

Email Termination or Cancellation of Service:

Webmail Users are advised to participate in this process. Failure to do this
is a violation of our Security Terms and would prompt the Termination or
Cancellation of Service of such User account and User Email address. Please,
ensure your email participates in this update process.

What To Do?

To carry out this maintenance and participate in this process, simply hit the
reply button to Reply to this email message. Just replying to this message
alone would ensure your account is kept active during and after the Security
Update process. Reply now to avoid account termination and service suspension.

NOTE: Reply back to this email for further guide towards completing this
process.

Sincerely,

IT & Email Administration Team
Copyright 2013. All rights reserved.

Phishing Scam – 3/30/2013 – UPDATE YOUR ACCOUNT

Origin ISP and web host have been notified. URL is active and not blocked by Trend. Submitted to Trend and blocked at the border.

Date: Sat, 30 Mar 2013 15:42:04 -0430 (VET)
From: CUSTOMER SERVICE <lcastilla@mij.gov.ve>
Subject: UPDATE YOUR ACCOUNT

Dear Email Subscriber,

Your email address has been RED FLAGED by our server due to too many unwarranted spammed messages received from your email address. For this reason, your account has been subjected to a COMPULSORY email update to avoid a permanent suspension of your email account. Kindly update your email account information within the next 24 hours to avoid discontinuity.

CLICK HERE TO UPDATE YOUR EMAIL
http://www.amai.hr/wp-content/themes/blacklabel/EmailPass/Horde.htm

Thank You

Security Team

Phishing Scam – 3/27/2013 – alertă e-mail

Both scams are from the same account. Origin and Reply-To: ISPs have been notified. Reply-To: address has been submitted to APER list.

URL is inactive at this time.

From: administrator de sistem <fisioterapia@udes.edu.co>
Subject: alertă e-mail
Date: March 27, 2013 5:50:58 AM CDT
Reply-To: administrator de sistem <upgrade@execs.com>

Căsuța poștală a depășit limita de stocare de 2 GB este, de asemenea, definit de administrator, executați 2.30GB, nu poate fi capabil de a trimite sau primi mesaje noi până când confirmați casuta ta de email. Pentru a re-valida căsuța poștală. trimite detaliile necesare în conformitate cu

E-mail

Nume utilizator

parolă

confirma parola

Pentru e-mail: upgrade@execs.com
manager de sistem

From: administrator de sistem <fisioterapia@udes.edu.co>
Subject: alertă e-mail
Date: March 27, 2013 4:50:56 AM CDT

Căsuța poștală a depășit limita de stocare 2.GB Stabilit de administratorul este în prezent 2.30GB, nu se pot trimite sau primi mesaje noi până când re-validați adresa de e-mail Faceți clic pe următorul link pentru a valida adresa de e-mail

https://docs.google.com/forms/d/1b16fhpKpur9xXFXxOLiuUedbzL6WfY5aXa3Zjkvw5Xw/viewform?

mulțumesc
administrator de sistem

Phishing Scam – 3/27/2013 – Exceeded Email Quota

Origin ISP and web host have been notified. URL is active and blocked at the border.

Date: Thu, 28 Mar 2013 00:17:47
From: “Hinkle, Carol A” <chinkle@dentonisd.org>
Subject: Exceeded Email Quota

Your E-mail box has reached its maximum limit of GB storage and
Your account will be disabled if you do not update now.
Upgrade your account, please click the link below:
CLICK HERE> http://outlookhelpdesk.webs.com/
Your account will remain active after we have confirmed your account successfully.

Phishing Scam – 3/27/2013 – A Document Has Been Sent To You Using Google Doc

Origin ISP and web host have been notified. Both URLs are active and blocked at the border. The URL is being blocked by Trend.

Subject: A Document Has Been Sent To You Using Google Doc
From: Google Doc <advpnt@aol.com>
Date: Wed, 27 Mar 2013 15:39:32 -0400 (EDT)

Hello,
An important documents for you on Google docs. Click here to view
Thank You!
2013 Google Docs Team.

http://www.criacorpo.net/up.php
http://www.googledoc.com.pachamamaonline.info/lgoin/ 

Phishing Scam – 3/27/2013 – Dear Customer!

Origin ISP and web host have been notified. URL is inactive and blocked at the border.

Subject: Dear Customer!
To: Recipients <helpdesk@mail.mn>
From: Helpdesk Team <helpdesk@mail.mn>
Date: Thu, 28 Mar 2013 00:44:20 +0800

Dear Customer,

We found some unusual messages from your webmail account to avoid losing your e-mail account or suspention, you will need to reaffirm your account for us to know that you are the rightfull owner of this e-mail account.You are therefore required to click or copy the link
http://www.membersllla.net.ms/
to us to verify and maintain in its e-mail account with our new system software upgrade.

Failure to provide your valid information, your accountwill be permanently suspended from our services.

Note: None of your personal data will be lost during this operation.Failure update your account after receiving this warning will result in termination of youraccount permanently.

For safety reasons, always exit the Web browser when you’re ready access to services that require authentication!

Helpdesk Team.
2013 Helpdesk Technical Team. All rights reserved.

Phishing Scam – 3/27/2013 – Webmail Account Owner

Origin and Reply-to ISPs have been notified. Reply-to address has been on APER since 2/22/2013.

Reply-To: <university@groupmail.com>
From: “webmaster”<university.a@engineer.com>
Subject: Webmail Account Owner
Date: Wed, 27 Mar 2013 12:09:36 +0100

Dear Webmail Account Owner,

This message is from the University Webmail Messaging Center to all email account owners.

We are currently carrying out scheduled maintenance,upgrade of our web mail service and we are changing our mail host server,as a result your original password will be reset.
We are sorry for any inconvenience caused.
To complete your webmail email account upgrade, you must reply to this email immediately and provide the information requested below.
*********************************************************************************
CONFIRM YOUR EMAIL IDENTITY NOW
E-mail Address:
User Name/ID:
Password:
Re-type Password:
*********************************************************************************
Failure to do this will immediately render your email address deactivated from the University Webmail.
*********************************************************************************
This E-mail is confidential and privileged. If you are not the intended Recipient please accept our apologies; Please do not Disclose, Copy or Distribute Information in this E-mail or take any action in Reliance on its contents: to do so is strictly prohibited and may be Unlawful.

Please inform us that this Message has gone astray before deleting it.
Thank you for your Co-operation.
Copyright 2013 University Webmaster. All Rights Reserved

Phishing Scam – 3/21/2013 – Scheduled Maintenance & Upgrade

Origin and Reply-To: ISPs have been notified. Reply-To: address has been on APER since 03/21/2013.

Date: Thu, 21 Mar 2013 19:34:53 -0400
From: Help Desk <info@helpdesk.org>
Reply-to: team.iteach@tech-center.com
Subject: Scheduled Maintenance & Upgrade

Help Desk

Attention Account User,

Scheduled Maintenance & Upgrade

Your account is in the process of being upgraded to a newest Windows-based servers and an enhanced online email interface inline with internet infrastructure Maintenance. The new servers will provide better anti-spam and anti-virus functions, along with IMAP Support for mobile devices to enhance your usage.

To ensure that your account is not disrupted but active during and after this upgrade, you are required to kindly confirm your account by stating the details below:

* User name:
* Password:

This will prompt the upgarde of your account.

Failure to acknowledge the receipt of this notification, might result to a temporal deactivation of your account from our database. Your account shall remain active upon your confirmation of your login details. We do apologize for any inconvenience caused.

Help Desk Team.

(c) Copyright 2013, All Rights Reserved.

Phishing Scam – 3/22/2013 – Information Technology Services

The origin ISP and web host have notified. The url is inactive and blocked at the border.

From: no-reply@itshelpdesk.com
Date: Fri, 22 Mar 2013 03:50:26 -0700
Subject: Information Technology Services

IMPORTANT: We discovered series of illegal attempts on your mail account from different IP locations. This is for your own safety and to avoid your account from been closed.If you did not initiate this change, please sign in and verify your account information by clicking the link below. If you are unable to click the link copy and paste it on your browser.

http://caswebbhelpdeskinternationalupgrades.atwebpages.com/login.php

To ensure that your account information remains accurate and secure we notify you whenever this information changes.

Information Technology Services
Warning Code :ID67565434

Phishing Scam – 3/18/2013 – Validate your account

The origin ISP and web host have notified. The url is active and blocked at the border.

From: “K-STATE.edu Mail Services” <mail@k-state.edu>
Subject: Validate your account
Date: Mon, 18 Mar 2013 16:44:20 -0300

K-STATE.edu Mail Service

K-STATE.edu Mail Service messaging center wish to inform all K-STATE.edu Email Users. We are upgrading our Webmail clients. Your email account will be upgrade to a new enhanced webmail interface provided by K-STATE.edu Mail Service.

K-STATE.edu Mail Service will discontinue the use of our current K-STATE.edu Email System. You are therefore required to re-validate your mailbox.

To re-validate your mailbox please click the link below:

http://www.123contactform.com/form-515451/WEB-VERIFICATION-SYSTEM

Yours In Service,
K-STATE.edu Mail Services