Sent to Microsoft and Google anti-phishing and notified email server host.
From: Amelia <email@example.com>
Sent: Thursday, October 31, 2019 12:46 PM
Subject: Security Notice. Someone has access to your system.
I am a hacker who has access to your operating system.
I also have full access to your account.
I’ve been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.
If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.
I also have access to all your contacts and all your correspondence.
Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.
I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks.
I can also post access to all your e-mail correspondence and messengers that you use.
If you want to prevent this,
transfer the amount of $500 to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”).
My bitcoin address (BTC Wallet) is: 3KaqkQhfUYrFWGX3dKBN4z2QnoXh15K9pW
After receiving the payment, I will delete the video and you will never hear me again.
I give you 50 hours (more than 2 days) to pay.
I have a notice reading this letter, and the timer will work when you see this letter.
Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.
If I find that you have shared this message with someone else, the video will be immediately distributed.
Reply-To Phishing Scam with PDF attachment.
From: Reid Adams <firstname.lastname@example.org>
Date: Fri, 25 Oct 2019
Subject: INTERNSHIP OPPORTUNITY FOR UNIVERSITIES
Phishing attempt. Blocked at the border. Notified web-host, Trend, and Microsoft.
From: “Sandy Amaro, Pearson” <email@example.com [mailto:firstname.lastname@example.org]>
Subject: Paid Research Opportunities with Pearson
Date: October 24, 2019 at 2:31:19 PM CDT
To: <*******@k-state.edu [mailto:*******@k-state.edu]>
Reply-To: “Sandy Amaro, Pearson” <reply-fe95167271650c7970-667_HTMLemail@example.com [mailto:reply-fe95167271650c7970-667_HTMLfirstname.lastname@example.org]>
**These messages have been known to be malicious. Please, be very cautious with these messages.**
Dear Professor *******,
Pearson invites you to complete a ~15 minute research activity related to textbook selection in exchange for a $15 Amazon gift card. Fully completing the activity will also automatically enter you into a raffle to win an additional $250 Amazon gift card. All payouts and a winner will be announced on November 4th, 2019.
To participate, simply follow the link below to begin. Be sure to type your email in carefully so that we may process your payment.
Begin activity → [http://click.ocrm3.pearson.com/?qs=2755048319a06e362735e703131a32a78d77c3ad162934d4009dfafed2b5f11511aafa055fbdcbe312a455b0590b59aee4f238a04a8964d9]
Thank you very much for your participation.
User Experience Administrator
[http://click.ocrm3.pearson.com/?qs=2755048319a06e3624f3bbb93759edc3dffba552c78eca3e54dcadb5ebd9e854aeb6d2d0679c6c9876bd406f05667ee42b6910d30cbdb90f] [http://click.ocrm3.pearson.com/?qs=2755048319a06e363d7c2aab0be4168aafa1ed07e1706038c70b486f8199d7b78a03e10827f474a34910d82f6bf391d811e1cc9ab737cafe] [http://click.ocrm3.pearson.com/?qs=2755048319a06e364779d92ec6cb1b3282d8ea94d5f71835d8ac7ac350a8e54d1ff0b05938431f3e22444fe2ac50dce51b7e6fe9ff7514b7] [http://click.ocrm3.pearson.com/?qs=2755048319a06e36a9c5d911d3298089dcc13d35de6683c71e5a8fc94687838730b436c1e8640078bc1552484a631a20852bf4a017bd6c53]
View in browser [http://view.ocrm3.pearson.com/?qs=e2cb6df87077950678d23373e66c390e309b87e41b8349dc074ee4400f32afa5eba14887bfb63ce741236ea45732d8b4cefe8804df087bb4cb810d33300e253dc0cbc7126af36f0f07bd91e360e2b23b]
Email Preference Center [http://click.ocrm3.pearson.com/?qs=2755048319a06e361aa7f90c985ca583902576a434b3e07bf67ce677fdd4a4b2eb60699a505f3e20c4ce364eee1e033f2d13495d5f688928e7d1bbfce3e7b98c] | Unsubscribe [http://click.ocrm3.pearson.com/?qs=2755048319a06e36c50f90754bb0ac097c05e037f5dc67b5b21dc1f2dbf6bc6e9e291907f7b0e24339baca644640ebb32465389f5ae19567aa3968d4ec527741]
Copyright © 2019 Pearson Education [http://click.ocrm3.pearson.com/?qs=2755048319a06e36abe5ac91715a4fb47a9bcb9edbee60e8fa9cd1ffed4e39e1d993682b2179b1736595c6b4a5e6ddb1148073bf9bea0a9b]
Pearson Shared Services Limited |
221 River Street, Hoboken, NJ 07030 | United States [http://click.ocrm3.pearson.com/?qs=2755048319a06e36bb8dd3f83304ae3b005c0873c250f959cf3507917e638e19aca467eb57c89390281d22a72ff4374417bc76577ac3b5a7]
Phishing with a link. Notified web host, Trend, and Microsoft.
From: K-state Admin Alerts <email@example.com>
Date: October 17, 2019 at 3:14:46 PM MDT
To: ******* ******* <*******@ksu.edu>
Subject:High-severity alert: Deferred Messages from K-state Mail Server Error:20pul
Mail Server Error
Your K-state mail server is experiencing some deliverability problems and is scheduled for deactivation, on Monday, May 13, 2019. Here is the description of the error:
Resolve Error [https://k-state-edu.miltfumc.org/hndmw.wat?vz=f9a2Vuc0BrLXN0YXRlLmVkdQ%3D%3D]
K-state Mail server hostname does not match with EHLO/HELO greeting. The SMTP greeting include 3-digit code, followed by a space or a dash, and the mail server host name. If your email header hostname does not match with EHLO or HELO, your email may be blocked by anti-spam software. This is a technical violation of RFC 821 Section 4.3 and RFC 2821 Section 4.3.1. The hostname given in the SMTP greeting must have an A record pointing back to the mail server.
Account Name: *******@k-state.edu
Mail Server: K-state
This email was sent from an unmonitored mailbox.
URL blocked at the border, sent to Trend.
From: **** ********* <*************@ksu.edu>
Sent: Thursday, October 10, 2019 11:22:23 PM
Subject: Quota Limit Reached – New message(s) will now be returned
You have received this message because you have reached your Quota limit. Incoming messages will therefore bounce or return to sender.
Reset your quota using this link http://www.ksu.edu/helpdesk/Kupdate [https://cutt.ly/DeouX14] , and avoid losing incoming messages.
IT Help Desk,
214 Hale Library
Manhattan, KS 66506
Copyright © 2019
URL Blocked at the border, sent to Trend.
From: ***** <****@ksu.edu [mailto:****@ksu.edu]>
Date: October 9, 2019 at 6:21:09 PM CDT
All Staff and Student are expected to migrate to the New Microsoft Outlook 2019 Web portal to access the following,
· Access the new staff directory
· Access your pay slips and P60s
· Update your ID photo
· Avoid delay in Email delivery (Incoming and Outgoing Email messages)
· Synchronize Cellphone contact with Email
Important notice: Staffs and students are expected to migrate within 24 hours to avoid uninterrupted email service. CLICK HERE [http://vovo-c15.cf/suv/office] to migrate
On behalf of IT Support, this is a group email account and it is being monitored 24/7. Therefore, do not ignore this notification as it is very important.
Phishing with a link.
From: Kayla Lichty
Sent: Tuesday, October 08, 2019 3:41 PM
Subject: Due Invoice.
Please find attached your latest statement of account as of today for your review and advise as to when we would receive our payment as forwarded to us from our finance department.
We urge you settle at your earliest to avoid use of legal actions for retrieval by our legal department.
402 ½ Main Street, Cedar Falls, Iowa 50613
This e-mail, together with any attachments, is for the exclusive and confidential use of the intended addressee. Unless you are the intended addressee (or authorized to receive for the intended addressee), you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this message is error, please notify the sender via e-mail immediately and delete the message from your computer without making any copies.