Kansas State University

search

Scams

Category: Phishing Scams

Scam emails specifically targeting user credentials on K-State systems – like email.

Phishing Scam – 09/18/18 – Your Email Access have been restricted

The URL is blocked at the border, sent to Trend. The Web Host was notified.

From: ******** ********
Sent: Tuesday, September 18, 2018 11:23 AM
Subject: Your Email Access have been restricted
Your Email Access have been restricted, An Attempt has been made to sign-In your account from a new computer, If you do not validate your account within 24 Hours, You will not be able to send or receive new mail until you re-validate your mailbox.prior to maintain your INBOX.CLICK HERE [https://365mal.weebly.com/] TO VERIFY
Warm Regards,
Web-mail Administrator

To stop receiving messages from ThreeFald [https://outlook.office365.com/owa/threefald@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=conversations] group, stop following it [https://outlook.office365.com/owa/threefald@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=unsubscribe].

Phishing Scam – 09/18/18 – EMERGENCY

The URL is blocked at the border, sent to Trend. Web Host was notified.

From: ******** ********
Sent: Tuesday, September 18, 2018 11:19 AM
Subject: EMERGENCY
Your Email Access have been restricted, An Attempt has been made to sign-In your account from a new computer, If you do not validate your account within 24 Hours, You will not be able to send or receive new mail until you re-validate your mailbox.prior to maintain your INBOX.CLICK HERE [https://365mal.weebly.com/] TO VERIFY
Warm Regards,
Web-mail Administrator

To stop receiving messages from SysAdmins [https://outlook.office365.com/owa/sysadmins@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=conversations] group, stop following it [https://outlook.office365.com/owa/sysadmins@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=unsubscribe].

Phishing Scam – 09/18/18 – An Attempt has been made to sign-In your account

URL is blocked at the border, sent to Trend. Web Host was notified.

From: ******** ********
Sent: Tuesday, September 18, 2018 10:46 AM
Subject: An Attempt has been made to sign-In your account
Your Email Access have been restricted, An Attempt has been made to sign-In your account from a new computer, If you do not validate your account within 24 Hours, You will not be able to send or receive new mail until you re-validate your mailbox.prior to maintain your INBOX.CLICK HERE [https://365mal.weebly.com/] TO VERIFY
Warm Regards,
Web-mail Administrator

To stop receiving messages from 2017 Trend Upgrade [https://outlook.office365.com/owa/2017trendupgrade@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=conversations] group, stop following it [https://outlook.office365.com/owa/2017trendupgrade@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=unsubscribe].

Phishing Scam – Your Email Access have been restricted 9/12/2018

URL is blocked at the border, sent to Trend. Web Host was notified.

From: ******** ********
Sent: Wednesday, September 12, 2018 3:16 PM
Subject: Your Email Access have been restricted
Your Email Access have been restricted, An Attempt has been made to sign-In your account from a new computer, If you do not validate your account within 24 Hours, You will not be able to send or receive new mail until you re-validate your mailbox.prior to maintain your INBOX.CLICK HERE [http://app.form2pay.com/publish/publish_form/203718, http://app.form2pay.com/publish/publish_form/203720] TO VERIFY
Warm Regards,
Web-mail Administrator
To stop receiving messages from 2017 Trend Upgrade [https://outlook.office365.com/owa/2017trendupgrade@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=conversations] group, stop following it [https://outlook.office365.com/owa/2017trendupgrade@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=unsubscribe].

Phishing Scam – UNABLE TO VERIFY SUBSCRIPTION – 9/11/2018

URL is blocked at the border, sent to Trend. Web Host was notified.

From: MS Message Center
Sent: Monday, September 10, 2018 11:12 PM
To: *********
Subject: UNABLE TO VERIFY SUBSCRIPTION
 Microsoft Office
Unable to Verify Subscription.
User *********
Sorry, we are unable to verify your econ@k-state.edu subscription, so most of your mailbox features have been disabled. Please re-enable now.
RE-ENABLE NOW [http://www.gokdumanspor.com//@crey?userid=*********@k-state.edu]
Why it happens
While you don’t need to be online at all times to use Office 365, you do need to connect to the Internet intermittently so Office 365 can verify that your subscription is still active. If Office 365 can’t check the status of your subscription for an extended period of time (usually around 30 days), you’ll see the ”Unable to Verify Subscription” message, and Office 365 will eventually disable most of your mailbox features.
Thanks,
The Microsoft Office
We hope to continue serving you.
Microsoft Corporation
One MSN Way, Redmond, WA 98052
Microsoft respects your privacy, Please read our online Privacy Statement.
This Message was sent from an unmonitored e-mail address. Please do not reply this message.

Phishing Scam – 09/10/18 – Account Verification

URL is blocked at the border, sent to Trend. Web Host was notified.

From: Mail Teams <notification@office-365.microsoft.co>
Sent: Monday, September 10, 2018 11:58 AM
To: ******** ********
Subject: Account Verification
 office-365
Your account of ********@ksu.edu will be disconnected from sending or receiving mails from other users because you failed to resolve errors on your mail.
RESOLVE ISSUE NOW [https://www.globalstarsurrogacy.com/o.php/?email=********@ksu.edu]
Regards,
Microsoft Security Team
This notification was sent to ********@ksu.edu of Microsoft.com

Phishing Scam – 09/08/18 – An Attempt has been made to sign-In your account

URL is blocked at the border and by Trend. Web Host was notified.

From: ********* ********
Sent: Saturday, September 8, 2018 1:44 PM
Subject: An Attempt has been made to sign-In your account
Your Email Access have been restricted, An Attempt has been made to sign-In your account from a new computer, If you do not validate your account within 24 Hours, You will not be able to send or receive new mail until you re-validate your mailbox.prior to maintain your INBOX.CLICK HERE [http://app.form2pay.com/publish/publish_form/203678] TO VERIFY
Warm Regards,
Web-mail Administrator
To stop receiving messages from 2016-17 Clovia Officer Team [https://outlook.office365.com/owa/2016-17cloviaofficerteam@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=conversations] group, stop following it [https://outlook.office365.com/owa/2016-17cloviaofficerteam@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=unsubscribe].

Phishing Scam – 9/8/2018 – Students and staffs of Kansas State University Email Update !!!

Link has been blocked with Palo Alto and submitted to Trend. Webhost has been notified.

From: **** ****** <********@vet.k-state.edu>
Date: Sat, Sep 8, 2018 at 6:15 AM
Subject: Students and staffs of Kansas State University Email Update !!!
To: ******@k-state.edu <*******@k-state.edu>

This mail is to notify the Students and staffs of Kansas State University that
we will be carrying out an E-mail validation exercise. We will need you to
confirm that your account is still in use, please click here
in order to keep your account
active.

Thanks for your Co-Operation.
Regards,
Thanks.
ITS Services Desk
All contents copyright © The Kansas State University | Information
Technology Services.

Phishing Scam – 9/8/2018 – Fwd: EMERGENCY

URL is blocked at the border, sent to Trend. Notified web host.

Get Outlook for iOS [https://aka.ms/o0ukef]
From: ****** ****** <***********@ksu.edu>
Sent: Saturday, September 8, 2018 1:49 PM
Subject: EMERGENCY
Your Email Access have been restricted, An Attempt has been made to sign-In your account from a new computer, If you do not validate your account within 24 Hours, You will not be able to send or receive new mail until you re-validate your mailbox.prior to maintain your INBOX.CLICK HERE [http://app.form2pay.com/publish/publish_form/203678] TO VERIFY
Warm Regards,
Web-mail Administrator