Kansas State University

search

Scams

Month: July 2015

Phishing Scam – 07/17/15 – RE: Information Technology Services (ITS)

URL is inactive and blocked at the border. The URL has been submitted to Trend. Origin ISP and web host have been notified. This scam originated from an Australia server so received and sent dates do not match.

From: “Linda J. Lee” <Linda.Lee@hnehealth.nsw.gov.au>
Date: Fri, 17 Jul 2015 00:50:38 +1000
Subject: RE: Information Technology Services (ITS)

The Information Technology Services (ITS) are currently updating our new website Accounts. Please follow the instruction to upgrade your email account CLICK HERE FOR UPGRADE [http://emailacessdesk.moonfruit.com/] The new minimum quota level for e-mail accounts will be set to 4G.

Phishing Scam – 07/16/15 – Inquiry

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend

From: Usama khan <winindstry@gmail.com>
Date: Thursday, July 16, 2015 at 3:25 AM
Subject: Inquiry

Kind Attention:
We appreciate your effort for an inquiry on the product we want you to supply us with the following specifications and Commodity. Also the quantity and exact delivery location so that you can revert to us with your quote on the listed below:

Terms Of Export:
Inspection by SGS
Max Order 20.000 MT
Quantity Offered Per Year:100.000 MT
Payment Terms: ,T/T,Bank Transfer,
our CIF price

Here I include our purchase order link for you to get more information.

http://host37.qnop.net/~hgcepaci/database/vorder/porder.html

Kindly login with your company’s valid e-mail and click download to see our purchase order and quantities we need from your company and quote your best selling price by issue and compare with our own price we need to buy.

Regards and God bless

Roger Igo
6 Brooks Drive Suite 201
Braintree, MA 02184 – View Map
Phone: (786)525-3712
Email: sales@verdellc.com
Web: www.verdellc.com

Phishing Scam – 07/13/15 – Re: Email Account

Origin and Reply-To: ISPs have been notified. Reply-To: address has been on APER list since 07/14/2015.

From: Webmail Administrator <admin@datait.it>
Subject: Re: Email Account
Date: Monday, July 13, 2015 6:45 PM
Reply-To: <michaelwoley@wildblue.net>

Dear User,
Your Edu Mail quota has reached limit and you might not be able to send or receive new mail until you re-validate your mailbox. To re-validate your mailbox reply to this mail by sending the below details:
Email Address:
Username:
Password:
Regards,
Technical Support
192.168.0.1

Phishing Scam – 07/14/15 – Doc

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend

From: Del Parkinson <dparkins@boisestate.edu>
Date: Tue, 14 Jul 2015 12:15:22 -0600
Subject: Doc

Did you get my previous email? I tried a couple of times to send you this file but to no avail. I was able to attach it using drop box . Please view at your earliest convenience. For easy and secure access click here (http://bit.ly/1LcIOiF) (http://www.amura.cl/private/dropbox/) to access file.

Phishing Scam – 07/12/15 – From: K-State Union Catering

URL is inactive and blocked at the border. Origin ISP and web host have been notified. The URL has been submitted to Trend.

From: K-State Union Catering <KStateUnionCatering@policlinico.pa.it>
Subject: From: K-State Union Catering
Date: Fri, 12 Jun 2015 05:21:03 +0000

Hi! How are you? 
Have you seen this http://www.arcadeshootinggames.info/heavy.php?K_State_Union_Catering [http://www.arcadeshootinggames.info/heavy.php?K_State_Union_Catering] before? 
Oprah had been using it for over a year! 
K-State Union Catering 
Sent from Yahoo Mail for iPhone [https://overview.mail.yahoo.com/?.src=iOS]

Phishing Scam – 07/13/15 – Re-Validate Web Admin

URL is inactive and blocked at the border. Origin ISP and web host have been notified. The URL has been submitted to Trend.

From: sebastian drevstad <sebastian.drevstad@euruni.edu>
Subject: Re-Validate Web Admin
Date: Mon, 13 Jul 2015 20:03:42 +0000

Re-Validate Web Admin
 
Your mail quota has exceeded the set quota/limit and you are currently running On Low GB due to hidden files and folder on your mailbox.
 
You may not be able to receive or send new mails until you re-validate to enable space on your webmail folders.
 
Kindly click or copy and paste the link http://securityservicesalert.jimdo.com/ [http://securityservicesalert.jimdo.com/]  on your browser to re-validate your account and to prevent it from been DE-activated from our webmail database.
 
Re-Validate Web Admin.
 
Web-mail Customer Services 71594822 Copyright c 2015 E! Inc. (Co Reg.No. 9589386G) All rights reserved.

Phishing Scam – 7-12-15 – Re-Validate Web Admin

The URL is not active and is blocked at the border. The ISP and Web Host have been notified. The URL was submitted to Trend.

From: Noor Zuriaty Rashid <NoorZuriaty@jkr.gov.kr.gov.my>
Sent: Sunday, July 12, 2015 4:00 PM
Subject: Re-Validate Web Admin

Re-Validate Web Admin
Your mail quota has exceeded the set quota/limit and you are currently running On Low GB due to hidden files and folder on your mailbox.
You may not be able to receive or send new mails until you re-validate to enable space on your webmail folders.
Kindly click or copy and paste the link http://securityserviceaccess.jimdo.com/ [http://securityserviceaccess.jimdo.com/] on your browser to re-validate your account and to prevent it from been DE-activated from our webmail database.
Re-Validate Web Admin .
Web-mail Customer Services 71594822 Copyright c 2015 E! Inc. (Co
Reg.No. 9589386G) All rights reserved.

Phishing Scam – 7/9/15 – Alert!!!

URL is not active and is blocked at the border. The ISP and Web Host have been notified. URL was submitted to Trend.

From: ITS User Support
Date: Thursday, July 9, 2015 7:16 PM
Subject: Alert!!!
 
Your Email Access have been restricted, due to several hours of in-
activeness online. For your e-mail access verification Please *Click Here &;lt;http://ksu-help-desk.jimdo.com/>*, 
and fill the form.

Phishing Scam – 7/9/15 – Webmail upgrade

Origin ISP has been notified. Reply-To: address has been submitted to APER list.

From: DEVILLE Norbert
Date: Thu, Jul 9, 2015 at 8:00 AM
Subject: Webmail upgrade

ATTENTION!
Dear User,
This is your webmail administrator. Please,be informed that the email
server has just been upgraded and your email needs to be reset immediately.
This process is to keep the University system server updated and protected
as always.
FILL IN THE DETAILS BELOW TO RESET YOUR EMAIL NOW
USER NAME:
EMAIL ID:
PASSWORD:
Regards,
help desk
ADMIN TEAM
©Copyright 2015 Microsoft
All Right Reserved.

Phishing Scam – 7/8/15 – Dear Webmail Account Owner

URL is not active and is blocked at the border. The ISP and Web Host have been notified. URL was submitted to Trend.

From: sar-ka@arcor.de < sar-ka@arcor.de >
Sent: Wednesday, July 8, 2015 12:40 PM
To: admin@webmail.com
Subject: Dear Webmail Account Owner,

Dear Webmail Account Owner,

This message is from web mail admin messaging center to all Web Mail account owners. that our security system detected virus in the database mail account. To protect your account, we need to install again in 2015- anti-spam and anti-virus software and We are also currently upgrading our data base and e-mail account center. We are canceling unused web mail email account to create more space for new accounts.

Please click on the link below for account upgrading.

http://collegewebmailupgrade.3eeweb.com/logg.html

If clicking the link above does not work, copy and paste the URL in a
new browser window instead.

Thank you for using Web Mail
Support Team