Kansas State University

search

Scams

Month: October 2014

Phishing Scam – 10/16/14 – Important Message !

Origin ISP and web host have been notified. URL is not blocked at the border and has been submitted to Trend.

From: Jonathan Nickell [mailto:Jonathan.Nickell@wallawalla.edu]
Sent: Thursday, October 16, 2014 7:38 AM
To: Jonathan Nickell
Subject: RE: Important Message !

Dear user,

The following evaluations have been assigned to you,due to the server upgarde Please Click up “upgrade” below to complete these evaluations.
UPGRADE USING SECURE ENCRYPTION (https://secure.blueoctane.net/forms/15O1VDQS8L8F)
NOTE:Your responses will be lost if you do not click on the “upgrade” button before 10 minutes lapses. There is no prompt when your 20 minute session has expired. Please save extensive comments periodically and check your time.

ITS Service Desk
Connected to Microsoft Exchange,
© 2014 Microsoft Corporation. All rights reserved.

Phishing Scam – 10/14/14 – UPDATE YOUR KSU.EDU ACCOUNT !!!

Origin ISP and web host have been notified. URL is blocked at the border and submitted to Trend.

From: User <********@ksu.edu>
Subject: UPDATE YOUR KSU.EDU ACCOUNT !!!
Date: Tue, 14 Oct 2014 21:28:46 +0000

Attn: Faculty/Staff/Students,​

Your e-mail account was Login today by Unknown IP address: 103.240.180.228, Click Here to update your account
or your e-mail will be temporary block or disable for sending more messages.

This message is from Webmail Administrator Messaging Center to all Webmail Account Owners. Please follow instruction on this message and your account will be updated within 24hours. We sincerely apologize for this unusual problem. Thank you for using our online services.

Webmail Administrator……

Phishing Scam – 10/14/14 – RE: ITS HELP-DESK

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: “Greengross, Steven A.” <greengrosss1@southernct.edu>
Subject: RE: ITS HELP-DESK
Date: Tue, 14 Oct 2014 13:09:35 +0000

Dear user,
The following evaluations have been assigned to you. Please log in to complete these evaluations.
CLICK HERE <http://owamailmymail.jigsy.com/> TO EVALUATE USING SECURE ENCRYPTION
NOTE: Your log in will time out after 60 minutes. Your responses will be lost if you do not click on the “secure” button before 60 minutes lapses. There is no prompt when your 60 minute session has expired. Please save extensive comments periodically and check your time.

Phishing Scam – 10/13/14 – NOTICE

URL is inactive and blocked at the border. The URL is being blocked by Trend.

From: User <********@ksu.edu>
Subject: NOTICE
Date: Mon, 13 Oct 2014 21:05:30 +0000

Attn: Faculty/Staff/Students,

Your email account will soon be suspended (Reason: Quarterly quota maintenance). To update your email account, please Click Here <http://www.webadministrators.pe.hu/> immediately for reactivation of your Web-Mail Account.

This mail is sent to you from our secured CSSD service Center. Please follow instruction on this message and your account will be updated within 24hours. We sincerely apologize for this unusual problem.

Thank you for using our online services.
Webmail Administrator.​

Phishing Scam – 10/09/14 – MAIL BOX

Origin ISP has been notified. URL is inactive and blocked at the border. The URL has been submitted to Trend.

From: Cottengim, Jessica A <Jessica.Cottengim@Mercy.Net>
Subject: MAIL BOX
Date: Thu, 9 Oct 2014 11:40:27 +0000

DEAR USER,
WE CURRENTLY UPGRADED TO 4GB SPACE.CLICK HERE ON: WEBMAIL STAFF/STUDENT UPGRADE

This electronic mail and any attached documents are intended solely for the named addressee(s) and contain confidential information. If you are not an addressee, or responsible for delivering this email to an addressee, you have received this email in error and are notified that reading, copying, or disclosing this email is prohibited. If you received this email in error, immediately reply to the sender and delete the message completely from your computer system.

Phishing Scam – 10/07/14 – Attention: Webmail User

Origin ISP has been notified. URL is inactive and blocked at the border. The URL has not been submitted to Trend.

From: Admin <marknicol80@gmail.com>
Subject: Attention: Webmail User
Date: Tue, 7 Oct 2014 03:36:21 +0100

Your two incoming mail has been placed on hold, click on the link http://www.authpro.com/auth/marknicol/?action=reg to reactivate it,

The mail system will send you this warning message up to once every 24hrs for as long as this condition persists. Note that, by the time you receive this message, you may have processed some of your email and may no longer be over quota.

Thank you,

Copyright © 2001-2014,©. All Rights Reserved..

Home Maps & Directions Search Terms of Use Emergency Info©. Copyright Complaints Trademark Notice

Phishing Scam – 10/01/14 – User

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: Marguerita.Estes@memphistn.gov [mailto:Marguerita.Estes@memphistn.gov]
Sent: Wednesday, October 01, 2014 8:37 AM
To: help@desk.edu
Subject: User

465MB​
500MB

Mailbox Exceeded It Storage Limit Click Here <https://www.cognitoforms.com/DomainUpdate1/OutlookOwaExchangeOnlineWeb> To Upgrade your account, we are conducting an upgrade in all account.
System Administrator
©Copyright 2014 Microsoft​​​​​​​​​​

Phishing Scam – 10/01/14 – IT Desk

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: “Barone, Nancy” <Nancy.Barone@UCHealth.com>
Subject: IT Desk
Thread-Topic: IT Desk
Date: Tue, 30 Sep 2014 23:52:41 +0000

Dear Email Account Users,

We are upgrading Email over the next several weeks.

GO TO: Click <http://fastserviceweborg.t15.org/> And Submit your details for confirmation of account.

Thanks for your Co-operation.

________________________________

Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.