Kansas State University

search

Scams

Month: August 2016

Phishing Scam – 08/31/16 – RE: OIT Alert – Email Submission Routine

The URL is not active, is blocked at the border and submitted to Trend. The Web Host and ISP were notified.

From: Phelps, Jeff <Jeff.Phelps@ccs.spokane.edu>
Sent: Wednesday, August 31, 2016 4:59 AM
Subject: RE: OIT Alert – Email Submission Routine
Sent: Wednesday, August 31, 2016 2:23 AM
Subject: OIT Alert – Email Submission Routine
Urgent technical notification to all web-email User, an account submission routine is in schedule this is as a result of unidentified activity in our database. kindly follow submit to reconfirm login:   SUBMIT [http://pinsource.com.es/layouts/joomla/wmail.htm]
HelpDesk Team.

Phishing Scam – 8/30/16 – Updates to our terms of use and privacy statement

Origin ISP and Web Host have been notified. URL is active and blocked on the border. URL has been submitted to Trend.

From: microsoftteam <Y_bparker@msn.com>
Date: August 30, 2016 at 6:15:00 PM CDT
Subject: Updates to our terms of use and privacy statement

You are receiving this email because we are updating the Microsoft Services Agreement, which applies to one or more Microsoft products or services you use. We are making these updates to clarify our terms and ensure that they remain transparent for you, as well as to cover additional Microsoft products, services and features.

The Microsoft Services Agreement is an agreement between you and Microsoft (or one of its affiliates) that governs your use of Microsoft consumer online products and services.

If you fail to update your account into the new Outlook Mail Experience in 48 hours, Outlook will terminate its service for your account and all your data will be lost automatically.

Follow the service link below to get your account Validated.
VERIFY ACCOUNT <flyingheaven.com/royal/Outlook-New/Sign In.htm>

Thank you for using Microsoft products and services.
<flyingheaven.com/royal/Outlook-New/Sign In.htm>

Phishing Scam – 8/30/16 – Attention

Origin ISP and Reply-To ISP have been notified. Reply-to email address not submitted to APER list. Email address in scam body submitted to APER list.

From: ******* ******** <********@ksu.edu>
Subject: Attention
Date: Tue, 30 Aug 2016 13:25:17 +0000

Attention: Beneficiary,
I am Mr. Joseph Dunford, I work with the Barclays Bank Plc.  UK, i wish to place your name as the beneficiary to fifteen million three hundred British Pounds only, due to the death of the depositor who died years ago along with his family.
However, i assure you that this transaction will be executed under a legitimate arrangement that will protect you from any breach of the law both in your country and here in U.K once the fund is transferred to your bank account. The funds I am referring to is right here in this bank floating in suspense account, therefore i solicit for your to be in collaboration with me to have this done, it will be transferred into an account you will provide anywhere in the world. I will need you to provide the cooperation following information urgently to enable the attorney start the processing of the all the relevant legal documents for the fund remittance.
1) Name:..
2) Address:..
3) Tel:..
4) Age:..
5) Sex:..
6) Occupation Status:
Waiting for your reply soon.
Yours Faithfully,
Mr. Joseph Dunford
josephfdunford83@hotmail.com [mailto:josephfdunford83@hotmail.com]

Phishing Scam – 8/27/16 – Webmail validation

Origin ISP and Web Host have been notified. URL is active and blocked on the border. URL has been submitted to Trend.

From: “Administrator ” <info@webmasterr.com> (sureshchougule@utpindia.com)
Subject: Webmail validation
Date: Sat, 27 Aug 2016 05:53:46 -0700

Your E-mail Box has reached its maximum limit of 500 MB storage and your account will be deactivated if you do not upgrade it now. To upgrade your web-mail account, Click_Now [https://www.tfaforms.com/439591] fill out ID Login & Password for more storage. The resource you requested requires you to authenticate.
Your account shall remain active after you have successfully confirmed your account.
Copyright © 2016 Web mail Control Unit • ALL RIGHTS RESERVED •

Phishing Scam – 8/28/16 – Meeting Notification

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL is being blocked by Trend.

Date: Mon, 29 Aug 2016 06:23:00 -0500
From: Kansas State University <helpdesk@k-state.edu> (Spoofed, actual address is: blitton@servers.digitalsynapsebd.com
)
Subject: Meeting Notification

You have a meeting notification.

Click here <http://www.geetasilkmills.com/k-state.edu/index.php> to view full details

Thank you.
Kansas State University

Phishing Scam – 08/26/2016 – From Web-mail System Management Team

URL is inactive, has been blocked at the border. Origin ISP was notified.

From: SDO Ukwa <mailto:sdoukwa@mpforest.org>
Sent: Thursday, August 25, 2016 12:14 PM
Subject: From Web-mail System Management Team

Dear Webmail User,
Your mailbox has exceeded the storage limit which is 10GB as set by the administrator, you are running the 13.6 GB, please re-authenticate your mailbox click or copy the link below:
http://xoiadmsunt.jimdo.com/
Warning: failure to re-set your mailbox to be processed and-active from our database.
System Management Team,
(c) Gannon Copyright 2016
web masters

Phishing Scam – 8/25/16 – Support

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: ******** ******** <********@ksu.edu>
Subject: Support
Date: Thu, 25 Aug 2016 16:51:08 +0000

Your e-mail account was LOGIN today by Unknown IP address, Click on the Administrator link below and LOGIN to validate and Verify your e-mail account or your account will be temporary block for sending more messages.

CLICK LINK BELOW
<http://ksuhelpdesk.sitey.me/>

Phishing Scam – 08/25/16 – Support

The URL was not active, blocked at the border, submitted to Trend. Notified the Web Host and ISP.

From: ********** **********
Sent: Thursday, August 25, 2016 11:17 AM
Subject: Support
Your e-mail account was LOGIN today by Unknown IP address, Click on the Administrator link below and LOGIN to validate and Verify your e-mail account or your account will be temporary block for sending more messages.
CLICK LINK BELOW
http://helpdeskksu.sitey.me/ [http://ksuhelpdesk.sitey.me/]

Phishing Scam – 08/24/16 – WARNING!!!”irregular login attempts”Your E-mail account will be temporarily blocked Verify Now

The URL was not active, blocked at the border, submitted to Trend. Notified the Web Host and ISP.

From: Email Administrator Inc lt&;silasjona@gmx.degt&;
Sent: Wednesday, August 24, 2016 1:32 AM
To: ********** **********
Subject: WARNING!!!”irregular login attempts”Your E-mail account will be temporarily blocked Verify Now
Hi **********@ksu.edu,
Recently we received some notifications regarding your account:**********@ksu.edu which might be due to recent changes made in your email or irregular login attempts on your account.
We will ensure that we block your account if we do not hear from you. Please kindly click the link below to verify and stop this attempts to your account.
Continue verification
Note: If you mistakenly receive this message in your spam folder and the activation link is not clickable above, move the message to your inbox and try again
Thanks,
The Email Team

This email has been sent from an unmonitored email address. Please do not reply to this message. We are unable to respond to replies.

Phishing Scam – 8/24/16 – Support

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: ******** ******** <********@ksu.edu>
Subject: Support
Date: Wed, 24 Aug 2016 11:18:53 +0000

Your e-mail account was LOGIN today by Unknown IP address, Click on the Administrator link below and LOGIN to validate and Verify your e-mail account or your account will be temporary block for sending more messages.

CLICK LINK BELOW
http://ksuhelpdesk.sitey.me/