Kansas State University

search

Scams

Category: Phishing Scams

Scam emails specifically targeting user credentials on K-State systems – like email.

Phishing Scam – 12/13/2018 – Part Time Job Offer…

Sent to Trend.

From: ****** ****** <******>
Sent: Thursday, December 13, 2018 3:34 PM
To: ****** ****** <************@ksu.edu>
Subject: Part Time Job Offer…
Hello and Good day,
   Dr. Martins Patterson is currently looking out for an assistant who is self motivated, reliable, articulate and eager to learn with minimal supervision required to work-from-home part time as his Personal Assistant.
Job Scope:
> Manage diary and schedule meetings and appointments??
> Screen and direct phone calls and distribute correspondence
> Produce reports, presentations and briefs
> Make travel arrangements
Hours:  An Average of 12hrs weekly
Wages: $250.00 weekly
If interested,Click Here [https://form.myjotform.com/83465895995583] and  Submit your resume/cover letter directly to Dr. Martins Patterson
Sincerely,
****** ******

Phishing Scam – 12/12/18 -Job Opportunities !

Link sent to Trend.

From: ******** <*******@ksu.edu [mailto:*******@ksu.edu]>
Date: December 12, 2018 at 6:40:09 PM CST
To: ******** <*********@ksu.edu [mailto:********@ksu.edu]>
Subject:Job Opportunities !
Hello **********@ksu.edu [mailto:********@ksu.edu], 
Customer Impact® is accepting applications for qualified individuals (18+) to become shoppers and merchandisers.
I don’t want you to miss out because I have been working with them part-time for almost six months now and it has been awesome. I give you 100% guarantee of their legitimacy. 
PAYMENT TERMS :
You will receive a flat sum of USD 350 per assignment and could earn up to USD 2000 Per month
The company will furnish you with all expense needed for the assignment and any other expense incurred during the course of executing your assignment, With no sign up fee. 
Click Here [https://www.myjotform.com/83455848329571] to Learn more about this offer to earn while shopping.
Thanks,  
*********

Phishing Scam – 12/12/18 – Important Notification

URL sent to Trend.

From: ***********
Sent: Wednesday, December 12, 2018 4:59 PM
To: ********
Subject: Important Notification
 This is to notify you that we are validating all  active email accounts. Kindly confirm that your account is still in use by clicking the validation link below:
Validate Email Account [https://service.secure.untrewpo.ga/temp]  to Sign in to resolve the error.
Sincerely!
IT Help Desk

Phishing Scam – Access to your Ksu Office 365 will be lost – 12/10/2018

Blocked at border, sent to Trend. Web Host notified.

From: Exchange Ksu
Sent: Monday, December 10, 2018 7:19 AM
To: innovatekansas
Subject: Access to your Ksu Office 365 will be lost
Message is from Ksu trusted source.
  Reconfirm your Ksu Password

Your password on your account in*******@ksu.edu would expire on 12/10/2018 05:19:59 am.
Kindly reconfirm your password to keep your account safe from being locked.

Reconfirm Ksu Password [https://amodomiokitchen.com?p=aW5ub3ZhdGVrYW5zYXNAa3N1LmVkdQ==]   Review Messages [https://amodomiokitchen.com ?p=aW5ub3ZhdGVrYW5zYXNAa3N1LmVkdQ==]

To stop separating items that are identified as clutter, go to Options.
This system notification isn’t an email message and you can’t reply to it.
You received this mandatory service announcement to notify you about the important changes.

Phishing Scam – Reconfirm your k-state.edu details – 12/7/2018

Blocked at border, sent to Trend. Web Host notified.

From: Microsoft K-state Service
Sent: Friday, December 7, 2018 4:01 AM
To: KSU Transcripts
Subject: Re: Reconfirm your k-state.edu details
Microsoft Office-365
Reconfirm your k-state.edu details
Dear **********
You have some pending mails on *********,
Access to these mails will be pending until reconfirm your account.
You have 24hours to perform this action from below portal.
Reconfirm Account Now [http://www.cuckoldportugal.pt?email=*******@k-state.edu]
Best Regards
K-state Mail System
If you wish to automatically perform this action next time; Subscribe Now [http://www.cuckoldportugal.pt/newsletters/unsubscribe/]

Phishing Scam – 12/07/18 – Re: Reconfirm your k-state.edu details

Blocked at border, sent to Trend. Web Host notified.

From: Microsoft K-state Service <ms-oxprotp.mssimple.apcprd01@got.gotuxhosting.com>
Sent: Friday, December 7, 2018 3:56 AM
To: ********
Subject: Re: Reconfirm your k-state.edu details
Microsoft Office-365
Reconfirm your k-state.edu details
Dear ********@k-state.edu
You have some pending mails on ********@k-state.edu,
Access to these mails will be pending until reconfirm your account.
You have 24hours to perform this action from below portal.
Reconfirm Account Now [http://www.cuckoldportugal.pt?email=********@k-state.edu]
Best Regards
K-state Mail System
If you wish to automatically perform this action next time; Subscribe Now [http://www.cuckoldportugal.pt/newsletters/unsubscribe/21]

Phishing Scam – 12/06/18 – KANSAS STATE UNIVERSITY STRATEGIC PLAN UPDATE

The file was sent to Trend. The ISP was notified.

From: Jessica L Brownell <jessica.brownell@wmich.edu>
Sent: Thursday, December 6, 2018 12:36 PM
Subject: KANSAS STATE UNIVERSITY STRATEGIC PLAN UPDATE
Dear Colleagues,
Our aims are to provide guidance and align our behaviors as we make great decisions that impact our daily operations. we rely on our values and this code as guidelines, as a breach of the Policy may result in disciplinary action against the Employee concerned.
All employees, including all individuals on full-time or part-time employment with the Institution, are required to go through the guidelines attached in this email. It is important that we all adhere to these guidelines so you will be helping to ensure a future success of this great institution
Thank you for your ongoing commitment to delivering a better and reliable service.
Richard B. Myers
President

Phishing Scam – 12/3/18 – Security Alert. ********@ksu.edu was compromised. Password must be changed.

Reply-To Bitcoin Scam.

From: ********@ksu.edu <********@ksu.edu>
Sent: Monday, December 3, 2018 3:11 PM
To: Lauren Bailey
Subject: Security Alert. ********@ksu.edu was compromised. Password must be changed.
 Hello!
I have very bad news for you.
09/08/2018 – on this day I hacked your OS and got full access to your account ********@ksu.edu
So, you can change the password, yes… But my malware intercepts it every time.
How I made it:
In the software of the router, through which you went online, was a vulnerability.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.
After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).
A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I’m talk you about sites for adults.
I want to say – you are a BIG pervert. Your fantasy is shifted far away from the normal course!
And I got an idea….
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!
I’m know that you would not like to show these screenshots to your friends, relatives or colleagues.
I think $753 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!
Pay ONLY in Bitcoins!
My BTC wallet: 182PJESsEWbuJ8PEgfM58p64jbok3i1gNU
You do not know how to use bitcoins?
Enter a query in any search engine: “how to replenish btc wallet”.
It’s extremely easy
For this payment I give you two days (48 hours).
As soon as this letter is opened, the timer will work.
After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your “enjoys”.
I hope you understand your situation.
– Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
– Do not try to contact me (this is not feasible, I sent you an email from your account)
– Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.
P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
 This is the word of honor hacker
I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.
Do not hold evil! I just do my job.
Good luck.

Phishing Scam – 11/30/18 – Асtiоn Nееdеd: Vеrify Yоur Ассоunt

URL is blocked at the border and already blocked by Trend. The web host was notified.

From: Sесurity <usYFYF1cml1cmler@telus.net>
Sent: Friday, November 30, 2018 1:47 AM
To: ******** ******** <*******@ksu.edu>
Subject: Асtiоn Nееdеd: Vеrify Yоur Ассоunt
Importance: High
From a trusted sender.
Hi ********@ksu.edu [mailto:********@ksu.edu],
To avoid disruption of your email service, please confirm *********@ksu.edu* [mailto:*********@ksu.edu*] below.
Confirm now [https://carolinaprimarycaredurham.com/henmicrosoft?email=********@ksu.edu]
Note: Action will be effective briefly. This is a mandatory communication about this service.
© 2018 Office Mail Service – Mail was sent to: ********@ksu.edu [mailto:********@ksu.edu]