Kansas State University

search

Scams

Month: April 2016

Phishing Scam – 04/16/16 – Warning: Mail Storage Exceed Limit

The URL was not active, it is blocked at the border and is on Trend. The web host and ISP were notified.

From: Webmail <Webmail@donotreply.com>
Sent: Saturday, April 16, 2016 9:25 AM
To: econ
Subject: Warning: Mail Storage Exceed Limit
 Dear user
Your mailbox quota is full
This may cause your mailbox so Impaired or you may no longer receive more More email
To continue using your mailbox, you Require immediate upgrade of your mailbox This service is free.
Upgrade mailbox quota here [http://firstclasstravel.ma/back/img/avatars/vmuserfield/slim.php]

Once the upgrade is complete, your email Box will work effectively.
Mail Service 2016

Phishing Scam – 04/16/16 – Confirm Your E-Mail Details

The ISP has been notified. The Reply-to address has been submitted to the APER list.

From: Email Update 2016 Admin <Admin@doenz.at>
Sent: Saturday, April 16, 2016 8:53 PM
Subject: Confirm Your E-Mail Details
Dear Members:
This message is from Information Technology Services of This Email to
all our Staff. We are currently upgrading our database and e-mail center
and this is our final notification to you.we have sent several messages
to you without response.
We are deleting all unused Mail account to create space for new accounts.
In order not to be suspended, you will have to update your account by
providing the information listed below: updatevices@yahoo.co.jp
Confirm Your E-Mail Details..
User-ID::…………………..
E-mail Address::…………………..
E-mail Password::…………..
Re E-mail Password::………….
If you fail to confirm your continuous usage of our services by confirming
your email password now, your account will be disable and you will not be
able to access your email. You should immediately reply this email: updatevices@yahoo.co.jp
++++++++++++++++IP and Date+++++++++++++++
Thanks for your understanding.
Regard,
IT Services

This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

Phishing scam – 04/15/16 – Notice of compensation (salary) increase‏

URL is active and blocked at the border. Origin ISP and web host have been notified. The URL has been submitted to Trend.

From: “Haus, Sondra” <Hauss@centracare.com>
Subject: Notice of compensation (salary) increase
Date: Fri, 15 Apr 2016 15:31:32 +0000

Hello,
You are qualified for a pay raise on your next paycheck, follow the steps below to immediately confirm your details. Allow few hours for your congratulatory letter to be delivered to your email after confirming your details below.
Click here to confirm your details:
http://employee-compensation [http://salaryraise.angelfire.com/]
we thank you for your ongoing commitment to excellence here. and congratulate you on your outstanding performance! please note and be advised that matter relating to salary are confidential in nature and should not be divulged to other employees.
Sincerely,
Human Resources
Confidentiality Notice: This e-mail and any attachment may contain confidential information that is legally privileged. This information is intended only for the use of the individual or entity named above. The authorized recipient of this information is prohibited from disclosing this information to any other party unless required to do so by law or regulation. If you are not the intended recipient, you are hereby notified any disclosure, copying, distribution or action taken in reliance on the contents of these documents is strictly prohibited. If you have received this transmission in error, please notify the sender immediately, reply to this transmission, or contact the CentraCare Health Privacy officer at (320) 255-5916 and delete these documents.

Phishing Scams – 4/15/2016 – IT Helpdesk Request‏‏.‏‏‎‏‎

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: Paul Koeferl <Paul.Koeferl@rexnord.com>
Subject: IT Helpdesk Request
Date: Fri, 15 Apr 2016 14:41:34 +0000

Dear Webmail User,

Two of your incoming mails were placed on our pending list due to the recent upgrade in our database. You are required to immediately upgrade your currently inactive service in our database by clicking the below link and Login with your correct Webmail information. In order to receive your messages kindly CLICK HERE (http://hellpoffice.sitey.me/) We apologize for any inconvenience and do appreciate your understanding.

Exchange Administrator Central.
Powered by Microsoft Outlook Web Team.

Phishing Scam – 4/14/16 – HELP DESK

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: “Knall, Shannon” <ShannonKnall@students.rossu.edu>
Subject: HELP DESK
Date: Thu, 14 Apr 2016 21:04:07 +0000

Dear User
Your password will finally expire today Click Here [http://mailsecuritydesk2016.jimdo.com/] to validate your e-mail.
Thanks
System Administrator

Phishing Scam – 04/13/2016 – “HELP DESK”

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: Laughlin, Courtney E. <celaughl@UTMB.EDU>
Sent: Wednesday, April 13, 2016 8:08 PM
Subject: HELP DESK
This is an Email Service Alert from Helpdesk. This is to inform you that your mailbox has exceeds its storage limit, you will be unable to receive and send emails. To re-set your Account Space on our database, prior to maintain your INBOX from 20G to 20.9G. CLICK HERE [http://adamin-helpdesk.weebly.com/] to Activate.
Warm Regards,
Helpdesk Administrator.

Phishing Scam – 04/13/16 – Support

Origin ISP has been notified. URL is active and blocked at the border. The URL is being blocked by Trend.

From: ******** ******** <********@ksu.edu>
Subject: Support
Date: Wed, 13 Apr 2016 15:59:20 +0000

Click on the Administrator link below to validate your e-mail account or your account will be temporary block for sending more messages.
CLICK LINK BELOW:
http://heldesksupport.sitey.me/ [http://heldesksupport.sitey.me/]

Phishing Scam – 4/12/16 – HELP DESK RE-VALIDATE

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: “Ronald Allan S. de los Reyes” <rasdlreyes@mcl.edu.ph>
Date: Tue, 12 Apr 2016 17:13:26 +0000
Subject: HELP DESK RE-VALIDATE

Dear User
Your password will finally expire today Click Here [http://vukatumatu.jimdo.com/] to validate your e-mail.
Thanks
System Administrator

Phishing Scam – 4/11/16 – Quota 99%

Origin ISP have been notified. URL is inactive and blocked at the border. URL has been submitted to Trend.

From: Natasha Sekelja <mailto:natasha.sekelja@sydney.edu.au>
Date: Monday, April 11, 2016 3:41 PM
Subject: Quota 99%

Your UNiversity Webmail Inbox Quota is Full. (Click Here) <http://webadmiin.2fh.co/> to Upgrade webmail Storage.
Help Desk.

Phishing Scam – 4/7/16 – Webmail Update for ********@k-state.edu

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: K-State <********@k-state.edu>
To: <*********@k-state.edu>
Date: Thu, 7 Apr 2016 15:05:25 -0700
Subject: Webmail Update for ckdunn@k-state.edu

Dear *******@k-state.edu [mailto:********@k-state.edu],
Due to high number of inactive accounts on the server, all users are advised to update their account within 48 hours of receiving this notice, using the link below to update their account activity.
Use this link [http://babyandcoimport.com.au/k-state/edu.html] to login and update your account activity.
Failure to update might process your account as inactive, and you may experience interruption of services or undue errors. Please comply.

Thanks,
IT Services
Kansas State University

The information transmitted is intended only for ckdunn@k-state.edu [mailto:ckdunn@k-state.edu] and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.