Kansas State University

search

Scams

Month: September 2013

Phishing Scam – 09/29/2013 – Upgrade!!!

Origin ISP has been notified. URL is inactive and blocked at the border. URL is being blocked by Trend.

From: “Lacko, Ellen” <LackoE@trumbullps.org>
Date: Sun, 29 Sep 2013 10:45:48 -0400
Subject: Upgrade!!!

Hello User,

All staffs and email users who have or have not upgraded their emails before are advised to upgrade their email accounts to secure it immediately, in order to avoid loosing their email accounts. If upgrades are not done immediately, affected email accounts will be deleted in few hours.

Please Click here now to begin the upgrade!!!
<http://www.emailupgrade.ml/>

Upgrade Team,
Email security.

Phishing Scam – 09/30/2013 – Storage Quota Notice.

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: Jale Tanalp <jale.tanalp@yeditepe.edu.tr>
Date: Mon, 30 Sep 2013 13:32:27 +0300
Subject: Storage Quota Notice.

You have almost exceeded your webmail storage quota. To avoid account deletion, please click on the link below to upgrade your account.
http://webstartup.cwsurf.de
Please endeavor to respond within the next 48 hours to prevent your account from deletion. These measures are part of our security policies and we sincerely apologize for any inconveniences caused.
Best wishes,
Edu/PreFormAction Management

Phishing Scam – 09/27/2013 – System Help Desk

Origin ISP and web host have been notified. URL is inactive and blocked at the border. The URL has not been submitted to Trend.

Subject: System Help Desk
Date: Fri, 27 Sep 2013 13:21:08 +0000
From: Doud, Frances <frances.doud@apsva.us>
To: info@help.com <info@help.com>

This message requires that you verify your mailbox and increase its quota. You are currently running on 23GB instead of 20GB Due To Hidden Files and Folders in Your Mailbox. You will be unable to receive new email, Loss Important Information in Your Mailbox/Or Cause Limited Access to It if not verified.

To complete this verification simply Click : http://webm102.jimdo.com/

Webmail Upgrade Support Team © 2013
System Help Desk

Phishing Scam – 09/25/2013 – IT Support

Origin ISP and web host have been notified. URL is inactive and blocked at the border. The URL has not been submitted to Trend.

From: “Gomez, Juanita V.” <Juanita.Gomez@chicagopolice.org>
Date: Wed, 25 Sep 2013 15:29:52 -0500
Subject: IT Support

Your Mailbox has reached its storage limit and needs to be validated and expanded. please click on this link <http://sepptechfrm.websitewizard.com> or copy and paste in your URL. fill the form submit for validation.

Phishing Scam – 09/25/2013 – ITS – Service Information

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: “Bynes, Horatio Tramaine” <htb6067@uncw.edu>
Date: Wed, 25 Sep 2013 13:13:30 -0400
Subject: ITS – Service Information

You are currently running on low mail Quota due to hidden files and folder on your mailbox. Please Click Here http://acutheipheldeskacountfonfirm.atwebpages.com/login.php To Validate/Confirm your account.

This is an automated message. Please do not reply to this email.

Thanks,
Administrator

Phishing Scam – 09/25/2013 – Attention: Zimbra Help Desk Account User

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

Second Scam:
Origin ISP has been notified. URL is active and blocked at the border. The URL is being blocked by Trend.

From: “Zimbra Help Desk” <rbrhoades@pa.net>
To: "Recipients" <rbrhoades@pa.net>
Sent: Wednesday, September 25, 2013 1:48:57 PM
Subject: Attention: Zimbra Help Desk Account User

Second Scam:
From: Zimbra Help Desk <yoda77@pa.net>
Date: Wed, 25 Sep 2013 13:44:40 -0700
Subject: Attention: Zimbra Help Desk Account User

Attention: Zimbra Help Desk Account User,

You have reach a quota limit sending email today, Validate your account below

http://765-323-53-534.webs.com/

Thanks for your understanding

Copyright © 2013 Zimbra Software, LLC. All rights reserved.

Phishing Scam – 09/25/2013 – Attention Email User!

Origin ISP and web host have been notified. URL is inactive and blocked at the border. The URL has not been submitted to Trend.

From: EMAIL QUOTA UPDATE <me11b059@smail.iitm.ac.in>
Subject: Attention Email User!
Date: Wed, 25 Sep 2013 22:26:11 +0630

Your E-mail® Account needs to be updated with our F-Secure R-HTK4S new(2013) version anti-spam/anti-virus/anti-spyware. Please click this link below for update http://webmailadminunit.yolasite.com/

We Are Sorry For Any Inconvenience.
Regards,
WEBMAIL ADMINISTRATOR Copyright© 2013
All rights reserved®.ABN 31 088 377 860

Phishing Scam – 09/25/2013 – IT Helpdesk: Your mailbox is almost full

Origin ISP and web host have been notified. URL is inactive and blocked at the border. The URL has been submitted to Trend.

From: carl feinman <carl_fienman@edalliance.org>
Date: Wed, 25 Sep 2013 09:50:27 -0400
Subject: IT Helpdesk: Your mailbox is almost full

Dear user,

Your mailbox is almost full. Please click on the link below to verify your location and enable us increase your Webmail storage space to 1.5GB.

489MB 500MB

Increase Storage <http://www.smartcommercegroup.net/l/GetLogon.html>

Your Webmail Account will be suspended within 48 hours, if verification is not done.

Thank you for your cooperation.

IT Helpdesk

________________________________
This e-mail communication is confidential and is intended only for the individual(s) or entity named above and others who have been specifically authorized to receive it. If you are not the intended recipient, please do not read, copy, use or disclose the contents of this communication to others. Please notify the sender that you have received this e-mail in error by replying to the e-mail or by telephoning (212) 780-2300 during the hours of 9:30am – 5:30pm (EST). Please then delete the e-mail and any copies of it. Thank you.

Phishing Scam – 09/24/2013 – Webmaster

Origin and Reply-To: ISPs have been notified. Reply-To: address has been submitted to APER list.

From: “WEBMASTER” <card@upcmail.ro>
Reply-To: <webmaster_dgoh@dgoh.org>
Date: Tuesday, September 24, 2013 5:27:57 PM
Subject: Webmaster

Your mailbox has exceeded 2GB, established in our Mail Server. You are currently running over 2.30GB, and you may not be able to send or receive new messages until you upgrade your mailbox.

To upgrade your mailbox, please complete the following:

(1) E-mail:
(2) Login ID/Username:
(3) Password:
(4) Confirm Password:

Thanks
Webmaster

Phishing Scam – 09/25/2013 – IT Service Desk

Origin ISP has been notified. URL is inactive and blocked at the border. URL has not been submitted to Trend.

From: “Ali, Turab” <Turab.Ali@sheraton.com>
Subject: IT Service Desk
Date: Wed, 25 Sep 2013 08:08:52 +0100

This is your your IT Service Desk sending you this email for your account upgrade, we are conducting an upgrade in all email account, all users are to verify his/her account for upgrade, CLICK HERE: <http://www.formpl.us/form/0B5pLYhlLTxsDcEhET0cyeVFLNW8> to go to upgrade your account.
Yours,
IT Service Desk

This electronic message transmission contains information from the Company that may be proprietary, confidential and/or privileged. The information is intended only for the use of the individual(s) or entity named above. If you are not the intended recipient, be aware that any disclosure, copying or distribution or use of the contents of this information is prohibited. If you have received this electronic transmission in error, please notify the sender immediately by replying to the address listed in the “From:” field.