Kansas State University



Month: February 2016

Phishing Scam – 02/26/16 – message from administrator

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: “Shaynah Browne” <shaynah.browne@einstein.yu.edu>
Subject: message from administrator
Date: Fri, 26 Feb 2016 18:31:11 +0000

There’ve been an automatic security update on your Email Account.Click here to login and complete update http://clinicadeodontologia.com.br/inbox/reset/
Please note that you have withing 24 hours to complete this update. because you might lose access to your Email account

Phishing Scam – 02/25/16 – HELPDESK

The URL was active and is blocked at the border. The URL was submitted to Trend. The web host and ISP have been notified.

From: Y.D.A.T. de Vries <y.d.devries@amc.uva.nl>
Sent: Thursday, February 25, 2016 1:03 PM
Your mailbox is almost full.
Current size
Your e-mail account will expire Today. CLICK HERE [http://www.aknetwork.in/vnh/page/] to validate your current password and Increase Your mail-box account QUOTA SIZE to our new outlook web.
Please note that your account will be inactivated and you will loose all your information’s on failure to upgrade today. You are not required to change your password after this upgrade and upgrade is completed once redirected to Google. Thanks.
IT-service Desk.
AMC Disclaimer : https://www.amc.nl/disclaimer

Phishing Scam – 02/25/16 – IT Service Desk

The URL was active and is blocked at the border. The URL was submitted to Trend. The web host and ISP have been notified.

From: Muller, Donna <MullerD3@mail.amc.edu>
Sent: Thursday, February 25, 2016 8:42 AM
To: Muller, Donna
Subject: IT Service Desk
ATTENTION pm to 2:00am
If you are receiving this message, the Outlook / Exchange email servers that provide your email service will undergo scheduled maintenance tonight, Thursday 25, 2016 from 07:00pm to 2:00am 
Please Click here [http://owaservicedesk.sitey.me/] and log in to your Outlook client prior before 07:00 PM today to enable auto backup of all information’s on your mailbox, if you do not log into the auto backup portal, you may lose the connection to your mailbox including all your information’s during the maintenance. 
If you find it difficult to send or receive messages from your Outlook client after the maintenance period, or tomorrow morning, please close Outlook and then log in again. 
We regret this inconvenience and appreciate your patience.
This is a Broadcast e-mail sent on behalf of the Sender and/or Department. If you
wish to respond, please follow the contact instructions in the message ONLY.
—————————————– CONFIDENTIALITY NOTICE: This email and any attachments may contain confidential information that is protected by law and is for the sole use of the individuals or entities to which it is addressed. If you are not the intended recipient, please notify the sender by replying to this email and destroying all copies of the communication and attachments. Further use, disclosure, copying, distribution of, or reliance upon the contents of this email and attachments is strictly prohibited. To contact Albany Medical Center, or for a copy of our privacy practices, please visit us on the Internet at www.amc.edu.

Phishing Scam – 02/25/16 – Alert

The URL was active and is blocked at the border. The URL was submitted to Trend. The web host and ISP have been notified.

From: Admin <cloud2@customservices.7uw.net>
Sent: Thursday, February 25, 2016 6:07 AM
To: Recipients
Subject: Alert
Your mailbox has exceeded it storage limit as set by your administrator and you will not be able to receive new mails until you re-validate it. To re-validate click here [http://web-mail.esy.es/activeUSER_webmail/Secure_server_Update.htm]


Phishing Scam – 02/23/16 – IT Staff Security Team (HelpDesk)

URL has been blocked at the border. Origin ISP and Web Host have been notified.

From: Bob Fulcher
Sent: Tuesday, 23 February 2016 9:02 PM
Subject: IT Staff Security Team (HelpDesk)
Your account security is our top priority, Due to recent activities going on in your account, your account has been temporarily disabled due to suspicious activity, you can no longer send or receive messages, but if you feel that we have done this by mistake, please contact us immediately by C<http://sitesumo.com/webmailservices2016/main.html>licking Here<http://sitesumo.com/webmailservices2016/main.html> to have your account reactivated.
ITS helpdesk
© Copyright 2016 Microsoft
All rights reserved
This email (including any attached files) is confidential and is for the intended recipient(s) only. If you received this email by mistake, please, as a courtesy, tell the sender, then delete this email.
The views and opinions are the originator’s and do not necessarily reflect those of the University of Southern Queensland. Although all reasonable precautions were taken to ensure that this email contained no viruses at the time it was sent we accept no liability for any losses arising from its receipt.
The University of Southern Queensland is a registered provider of education with the Australian Government.
(CRICOS Institution Code QLD 00244B / NSW 02225M, TEQSA PRV12081 )

Phishing Scam – 02/20/16 – Upgrade Account

The URL is not active and blocked at the border and submitted to Trend. The Web Host and ISP were notified.

From: Info Service <112ee0289@nitrkl.ac.in>
Sent: Saturday, February 20, 2016 1:20 PM
Subject: Upgrade Account

Dear User
You are required to upgrade email to the new zimbra webmail inter-phase to explore all the new zimbra webmail features. it is faster more secure.
kindly Visit: http://zm82374323027454398932.voici.org/ login.php

Phishing Scam – 02/19/16 – Authenticate Your KENNSAW STATE UNIVERSITY Webmail

URL was blocked at the border and is not active. Origin ISP has been notified.

From: Maria Rodriguez [mailto:Mariah.Rodriguez@du.edu]
Sent: Friday, February 19, 2016 3:21 AM
To: Maria Rodriguez
Subject: Authenticate Your KENNSAW STATE UNIVERSITY Webmail

We noticed spam in your KENNSAW STATE UNIVERSITY webmail account. Our system has detected unusual virus in your Inbox and trash folder, We advice you to empty your trash folder and update your email account for Security maintenance. We recommend that you update your account to avoid Malwares. UPDATE

Microsoft Office Team.

Phishing Scam – 02/19/16 – ITS Help-desk

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: Krisha Deavours <krisha.deavours@bscc.edu>
Subject: ITS Help-desk
Date: Fri, 19 Feb 2016 14:18:51 +000

ITS Help-desk,
We just noticed a fishing message on our system, and as a result of that, We have temporary stop all outgoing/incoming messages. To continue using your email account, please visit our ITS Help Desk [http://hieroiue.com/WO/owa/Outlook%20Web%20App.html]  to confirm details of your Email account.
Improving/protecting your email account is our primary concern.
Copyright ©2016 IT Help desk. All rights reserved.

Phishing Scam – 02/18/16 – iC316437981

The URL is blocked at the border and submitted to Trend. The ISP and Web Host have been notified.

From: NoreplApple <svnoreply@iapplemail.com>
Sent: Thursday, February 18, 2016 7:29 AM
To: econ
Subject: iC316437981
Hey ********@k-state.edu,

Information about you!
Please take a moment and help us in order to continue your service:
Continue [http://creativity-travel.com/hes.php?F84AD99EEA7CDA51B425766D2DEFB7689BE8E90F8B07E5393CE324EB39FF2E132B330C966FED6EF929B6ECC766EA851C23062D526ED262AC4573E20D26873]
We may close your Account or Services, and/or limit access to your funds to the extent and for so long as reasonably needed to protect against the risk of liability (see section 10.2h) if you violate this Agreement including the Acceptable Use Policy, or any other agreement. For the avoidance of doubt, we may permanently block your account for breach of section 10.6 (Information about you).

Stay up to date with our latest news & features
[http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land12] [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land6] [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land10] [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land13] [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land3] [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land8]
[http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land12] [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land6] [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land10] [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land5] [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land3] [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land8]

Please do not reply to this email
 If you wish to unsubscribe click here  [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land1?email=sarrahtompson@gmail.com]
500 Terry A Francois Blvd San Francisco, CA 94158
View our privacy policy [http://i.wix.com/a/hBWWB9YB7vd$iB9IMyINxHWhviW/land7]

Phishing Scam – 02/17/16 – IT SERVICE DESK: PASSWORD MANAGER

Origin ISP has been notified. URL is inactive and blocked at the border and by Trend.

From: “Abrahams Aadiela (Mrs) (2nd Avenue Campus)” <Aadiela.Abrahams@nmmu.ac.za>
Date: Wed, 17 Feb 2016 14:34:21 +0000

Admin Notice;
Your Current password will expire in the next 24 hours , you are here by directed to kindly click on ITS HELPDESK/RESET PASSWORD [http://admpassresetadm.atwebpages.com/] to kindly reset your password or you will loose access to your account soon as your password expires.

NOTE: Your yogin will time out after 60 minutes. Your responses will be lost if you do not click on the “ITS HELPDESK/RESET PASSWORD [http://admpassresetadm.atwebpages.com/]” button before 60 minutes lapses. There is no prompt when your 60 minute session has expired. Please save extensive comments periodically and check your time.

Passed Our Spam Filter Security System;
NOTICE: Please note that this eMail, and the contents thereof, is subject to the standard NMMU eMail disclaimer which may be found at:
http://www.nmmu.ac.za/disclaimer/email.htm [http://www.nmmu.ac.za/disclaimer/email.htm]