Kansas State University

search

Scams

Month: November 2016

Phishing Scam – 11/29/16 – Your Email storage is almost full.

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: Molly Rubenstein <mrubenstein@jccpgh.org>
Date: Tue, 29 Nov 2016 08:35:26 -0500
Subject: Your Email storage is almost full.

Your Email storage is almost full.

Your webmail has used 91% of its allowable storage space.
Once your account exceeds the allowable storage space you will be unable to receive any email.
Click Resolve<http://billingssh.info/02:05web> for more space and submit your web-mail required information to resolve this technical issue.
Support Desk

Phishing Scam – 11/28/16 – WARNING!!!

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

Date: Mon, 28 Nov 2016 13:20:47 -0600
Subject: WARNING!!!
From: Support <help@clark.edu>

Your Mailbox Has Exceeded It’s loted Quota As Set By Your Administrator, And You Will Not Be Able To Receive Or Send New Mails Until You Re-Validate.To Re-Validate CLICK HERE <http://nologo3.weebly.com>

System Administrator.
Copyright ©2016 Email Helpdesk Center

Phishing Scam – 11/25/16 – This is your email administrator

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: ******** ******** <*******@ksu.edu>
Sent: Friday, November 25, 2016 7:16 AM
Subject: This is your email administrator

ATTENTION!
=========================

Dear User,

This is your webmail administrator. Please,be informed that the email server has just been upgraded and your email needs to be reset immediately.
This process is to keep the Kansas State University system server updated and protected as always.

CLICK BELOW TO RESET YOUR EMAIL NOW:

Sign In [http://signin.kstate.edu.webiso.login.service.fpassthrough.signin.kstate.edu.dwsignin1.vyy9kz0wbsakygqqkhlgecjvtp.stardame.com/ksu/index.htm]

Regards,

Kansas State University.

Phishing Scam – 11/24/16 – helpdesk

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

Second Scam:
From: ******* ******
Sent: Thursday, November 24, 2016 4:25:22 PM
To: info@helpdesk.edu
Subject: HelpDesk
Your e-mail account was LOGIN today by Unknown IP address, click on the Administrator link below to validate your e-mail account or your account will be temporary block for sending more messages.
Click Below:
http://ksu-helpdesk-verify.sitey.me/ [http://ksu-helpdesk-verify.sitey.me/]

First scam:
From: ******** ********
Sent: Thursday, November 24, 2016 4:27 PM
To: info@helpdesk.edu
Subject: helpdesk

Your e-mail account was LOGIN today by Unknown IP address, click on the Administrator link below to validate your e-mail account or your account will be temporary block for sending more messages.

Click Below:
http://helpdesk-ksu.sitey.me/

You’re receiving this message because you’re a member of the ITAC Social Committee group. If you don’t want to receive messages from this group, unsubscribe.

View group conversations | View group files

Phishing Scam – 11/23/16 – FW: A message from President Lee C. Bollinger

URL was active, has been blocked at the border, submitted to Trend Micro, and Web Host/ISP Origin have been notified.

From: <*******@k-state.edu> [mailto:Andi.sidell@gordon.edu]
Sent: Wednesday, November 23, 2016 12:47 PM
To: <***@ksu.edu>
Subject: A message from President Lee C. Bollinger
Importance: High
Hello ***@k-state.edu [mailto:***@k-state.edu],
  You have received a new message from President C. Bollinger, Click here [http://langermanonline.co.za/cas.columbia.edu.html] to view the message now.
Regards,
Lee C. Bollinger.
Office of the President,
President and Vice Columbia University.

Phishing Scam – 11/23/16 – Hello

URL was active, is blocked at border, submitted to Trend. Notified Web Host and ISP.

From: “******** <********@k-state.edu [mailto:********@k-state.edu]>” <Wayne.pearson@gordon.edu [mailto:Wayne.pearson@gordon.edu]>
Subject: A message from ********
Date: November 23, 2016 at 12:03:55 PM CST
To: <********@k-state.edu [mailto:********@k-state.edu]>
Reply-To: <noreply@k-state.edu [mailto:noreply@k-state.edu]>
Hello ********@k-state.edu [mailto:********@k-state.edu],
  You have received a new message from ********, Click here [http://prakashgupta.com/signin.k-state.edu.html] to view the message now.
K-State Proud,
********
Office of the President,
President Kansas State University.

Phishing Scam – 11/22/16 – Heldpesk Email

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL is being blocked by Trend.

From: “Bryan, Mary” <BryanMa@collierschools.com>Subject: RE: Heldpesk Email
Date: Mon, 21 Nov 2016 23:51:52 +0000

Your email account LOGIN Was today by Unknown IP IP address 232.22.88 233, click on the link below Administrator to validate your email account or your account will be temporary block for sending more messages.

Click Link To Validate Your Account <http://prohibit.ro/Wp-includes/stff/>

Sincerely,

IT Department

Phishing Scam – 11/18/16 – YOUR EMAIL ACCOUNT HAS BEEN CLOSED

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: k-state.edu <********@ksu.edu> (not a K-State official account)
Subject: YOUR EMAIL ACCOUNT HAS BEEN CLOSED
Date: Fri, 18 Nov 2016 12:05:15 +0000

The Kansas State University

Due to a recent security issue your email account is temporarily deactivated.
You are required to reactivate your Kansas State University email account in less than
24 hours.follow below link and reconfirm your Kansas State University
email account details.

http://gbskeerbergen.be/https.signin.k.state.edu.WebISO.login.service.https.3A.2F.2Fpassthrough.signin.k.state.edu.2Fpassthrough/k-state.edu.htm

Thank You
© Kansas State University

Phishing Scam – 11/17/16 – FW:

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

Date: Thu, 17 Nov 2016 13:21:32 +0000
From: “Hasenauer, Barbara” <HaseBar@SDMFSCHOOLS.ORG>
Subject: FW
To: <********@LISTSERV.KSU.EDU>

Dear user

Your mailbox is almost full.

1969MB

2000MB

Current size

Maximum size

Your mailbox is almost full and likely to shut down if not
upgraded to a higher MB. Click Click here<http://egbefumerehotmailcom.webeden.co.uk/> to upgrade your mailbox.

Copyright © 2015 Miami Administrator. All rights reserved.
CAUTION: The contents of email messages should not be considered private or confidential because they may be archived and subject to disclosure under certain circumstances, such as requests made pursuant to Wisconsin public records law. NOTICE: This email and any attached files are intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized use, distribution, copying or disclosure by you or to any other person is prohibited. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system.

Phishing Scam – 11/16/16 – Webmail Account Update Notification

Origin ISP and Web Host have been notified. URL has been submitted to Trend.

Date: Wed, 16 Nov 2016 05:06:46 +0300
Subject: Webmail Account Update Notification
From: WEBMASTER TEAM

Dear Customer,
This is a courtesy notice that your incoming messages were placed on
pending due to exceeded email limits and you are required to validate your
email account within 24 hours by login your web mail to expand your web
mail service. Click or copy and paste the link bellow to login for your
web mail expansion
Click here: https://formcrafts.com/a/24112 [https://formcrafts.com/a/24112]
Webmail Technical Support
Copyright 2016. All Rights Reserved
Upgrade your email experience now and save 33% with a yearly subscription