Kansas State University



Month: September 2014

Phishing Scam – 9/07/2014 – RE: WEB-MAIL CLEANUP SYSTEM​

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: DORIS JOHNSON <DXJOHNS4@sentara.com>
Date: Mon, 8 Sep 2014 05:43:05 +0000

This is an automatic message sent by our security system to let you know that you have 48 hours to confirm your account information. Once you have updated your account records, your account will be automatically upgraded. This will help protect your account in the future. This process does not take more than 3 minutes.

To proceed to confirm your account details please CLICK HERE
We apologize for any inconvenience caused.

Your sincerely,
WEB MAIL Security Department
ICTS Help Desk =A9 2014

This electronic message and its contents and attachments contain information from Sentara Healthcare and is confidential or otherwise protected from disclosure. The information is intended to be for the addressee only.

If you are not the addressee, any disclosure, copy, distribution or use of the contents of this message is prohibited. If you have received this electronic message in error, please notify us immediately and destroy the original message and all copies.

Phishing Scam – 9/05/2014 – Administrative Notice

Origin and Reply-To: ISPs have been notified. Reply-To: address has been submitted to APER list.

From: Help Desk <info@compensatingcables.net>
Subject: RE: Administrative Notice
Date: September 4, 2014 at 2:57:10 PM CDT
Reply-To: <customer.care.team.01@tech-center.com>

Help Desk

Attention Account User,

Scheduled Maintenance & Upgrade

Your account is in the process of being upgraded to a newest
Windows-based servers and an enhanced online email interface inline with internet infrastructure Maintenance. The new servers will provide better anti-spam and anti-virus functions, along with IMAP Support for mobile devices to enhance your usage.

To ensure that your account is not disrupted but active during and after this upgrade, you are required to kindly confirm your account by stating the details below:

* Domain\user name:
* Password:

This will prompt the upgrade of your account.

Failure to acknowledge the receipt of this notification, might result to a temporary deactivation of your account from our database. Your account shall remain active upon your confirmation of your login details.

We do apologize for any inconveniences caused.


Your Customer Care Team

(c) Copyright 2014, All Rights Reserved.

Phishing Scam – 9/04/2014 – Email Security Alert: Account De-Activation

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

Date: Thu, 4 Sep 2014 09:51:00 -0700
From: Admin <collins76@tritons.iowacentral.edu >
Sent: Thursday, September 4, 2014 9:51 AM
To: undisclosed-recipients:
Subject: Email Security Alert: Account De-Activation

[Summary: A flood has been noticed in your outbound mail activity leading to Virus Attack on our database.]

Description: Number of messages sent from your email ID has exceeded the limit set by your Administrator on our database and a DFXG Virus has been detected on your mailbox. Your Email may have been compromised by external entity, thereby causing Virus Attack to our database. We are deactivating your service immediately, if no action is taken.

To protect your mailbox from de-activation, you are required to verify your email account. Kindly CLICK HERE or click below, you would be redirected to a verification page, Login your email with the correct password for verification, read the confirmation page and follow the instruction.

To Verify You Email: CLICK HERE

Thank you for your understanding; we solicit your prompt cooperation.

Phishing Scam – 9/4/2014 – Notice !

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: BOI [mailto:no-reply@Boi.com]
Sent: Thursday, September 04, 2014 5:07 AM
To: Users
Subject: Notice !

Your account has 1 New Alert, received on Thu, 04 Sep 2014, 10.22 AM. Please click here to visit 365Online Account Login. (http://www.sghshospitals.com/wp-content/plugins/contact-form-7/365/index.php)

We recommend that you check your email frequently for notifications that impact your account activity.

Phishing Scam – 9/3/2014 – Kansas Warning!

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: Kansas State University <dte108@psu.edu>
Subject: Kansas Warning!
Date: Wed, 3 Sep 2014 19:43:19 -0400

You have exceeded the storage limit on your mailbox.You will not be able to send or receive new mail until you upgrade your email.
Click the below link and fill the form to upgrade your account.
© 2014 Kansas State University

Phishing Scam – 9/2/2014 – Mailbox

Origin ISP has been notified. URL is being blocked by Microsoft.

From: “studalum (studalum)” <studalum@juniata.edu>
Subject: RE: Mailbox
Date: Tue, 2 Sep 2014 21:49:53 +0000

Your mailbox is full.
465MB 500MB
Current size Maximum size
Your mailbox has exceeded it storage limit. You will not be able to receive new mails at 480MB. Click here<UrlBlockedError.aspx> to update your account.

CONFIDENTIALITY NOTICE: The materials in this electronic mail transmission (including all attachments) are private and confidential and are the property of the sender. The information contained in the material is privileged and is intended only for the use of the named addressee(s). If you are not the intended addressee, be advised that any unauthorized disclosure, copying, distribution or the taking of any action in reliance on the contents of this material is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender by replying to the e-mail, and then destroy it immediately. Thank you.