Kansas State University

search

Scams

Category: Phishing Scams

Scam emails specifically targeting user credentials on K-State systems – like email.

Phishing Scam – 07/20/20 – P.A Job Offer (COVID-19)

Reply-to scam looking for user information via job enticement.

From: ******* <*******>
Sent: Monday, July 20, 2020 4:28 AM
Cc: ******* <*******>
Subject: P.A Job Offer (COVID-19)
Dear Student,
Due to the recent outbreak of the COVID-19 Coronavirus across the country, we have decided to offer a Work Online From Home Job with a pay of $500 weekly, please respond with your direct cell number and Non Edu email where job description can be forwarded to.
This is very important, so please complete this as soon as possible.
Sincerely,
Deborah Gattuso

Phishing Scam – 07/20/20 – P.A Job Offer

Reply-to scam looking for user information via job enticement.

From: ******* <*******>
Sent: Monday, July 20, 2020 5:12 AM
Cc: ******* <*******>
Subject: P.A Job Offer
Dear Student,
Due to the recent outbreak of the COVID-19 Coronavirus across the country, we have decided to offer a Work Online From Home Job with a pay of $500 weekly, please respond with your direct cell number and Non Edu email where job description can be forwarded to.
This is very important, so please complete this as soon as possible.
Sincerely,
Deborah Gattuso

Phishing Scam – 07/16/20 – Ksu Presents: SocietyX Virtual – Therapeutic Art (FREE)

This is a phishing scam with a link. It attempts to lure the recipient to come to a fake virtual event using a malicious link. The link has been taken down by the domain website.

From: Ksu Events
Sent: Wednesday, July 15, 2020 9:08:38 PM
To: Nicole Hamler <************@ksu.edu>
Subject: Ksu Presents: SocietyX Virtual – Therapeutic Art (FREE)
What is Art Therapy?
Art therapy, as defined by the American Art Therapy Association, allows for creative expression that can overcome the limitations of language. In other words, if an idea or emotion is too difficult, confusing, or painful to be said, written, or signed, then maybe drawing, painting, sculpting, coloring, sewing, collaging, and many other methods of visual art can surpass the stumbling block of language. Its potential applications can help improve areas of deficit like: Cognition and sensory-motor function; Self-esteem and self-awareness; Emotional resilience; Insight; Social skills; Conflicts and distress (About Art Therapy, 2017).
Share with friends and join the chat!
https://www.irl.com/ksu-presents-societyx-virtual-therapeutic-art-free-/Sk2Bx8kl
Powered by IRL [https://www.irl.com/dl/]
unsubscribe [https://www.irl.com/unsubscribe-email?email=************@k-state.edu&token=bced8ec523847642478e0588fc284d4773d35b9512ac29d4946e3c5a488ad729]

Phishing Scam – 07/15/20 – Post-processing Alert

Reply-To Scam.

From: DataPath Admin <datapath.info@gmail.com>
Sent: Wednesday, July 15, 2020 2:03 PM
To: ****** <*****@ksu.edu>
Subject: Post-processing Alert
Hi,
The reimbursement schedule template “Daily ACH” associated with your organization, Grant County Ext, ran successfully on 07/15/2020 at 02:00 PM. The sum of all paid amounts for reimbursement is $70.00, $70.00 in ACH and $0.00 in check.
File name(s):

Phishing Scam – 07/14/2020 – phys.ksu.edu security service. Third party accessed to *******@phys.ksu.edu.

This is a reply-to phishing scam hoping to scare users into sending them bitcoins. All web hosts have been notified.

From: *******@phys.ksu.edu <*******@phys.ksu.edu>
Sent: Tuesday, July 14, 2020 6:34 PM
To: *******@phys.ksu.edu <*******@phys.ksu.edu>
Subject: phys.ksu.edu security service. Third party accessed to *****@phys.ksu.edu.
 Hello!
I’m is very good programmer, known in darkweb as felizio05.
I hacked this mailbox more than 3 months ago,
through it I infected your operating system with a virus (trojan) created by me and have been spying for you a very long time.
I understand it is hard to believe, but I have full access to your account:
You can check it yourself, I’m wrote you from yours account!
Even if you changed the password after that – it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.
I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.
I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!
During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You are so funny and excited!
I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $1200(USD) is quite a fair price to destroy the dirt I created.
Send the above amount on my BTC wallet (bitcoin): 157R7UeFCPVx4V1Z3bZHdo2xc9FznfAHU8
As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.
Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I’ll send to everyone your contact access to your email and access logs, I have carefully saved it!
Since reading this letter you have 48 hours!
After your reading this message, I’ll receive an automatic notification that you have seen the letter.
Please do not try to answer me, the from-address is generated automatically!
I hope I taught you a good lesson.
Do not be so nonchalant, please visit only to proven resources, and don’t enter your passwords anywhere!
Good luck!

Phishing Scam – 07/11/18 – Availability..

This is a reply-to phishing scam attempting to coerce, by extending a job offer, the recipient to reply with personal information. The email requests the recipient to respond with their personal cell phone number and non-edu email.

From: ***** <*****@ksu.edu>
Sent: Monday, July 13, 2020 6:53 AM
Cc: ***** <*****@ksu.edu>
Subject: Availability..
Dear Student,
Due to the recent outbreak of the COVID-19 Coronavirus across the country, we have decided to offer a Work Online From Home Job with a pay of $500 weekly, please respond with your direct cell number and Non Edu email where job description can be forwarded to.
This is very important, so please complete this as soon as possible.
Sincerely,
Francesca Ricci

Phishing Scam – 07/13/2020 – Job Update (COVID-19)

This is a reply-to phishing scam attempting to coerce, by extending a job offer, the recipient to reply with personal information. The email requests the recipient to respond with their personal cell phone number and non-edu email.

From: ************ <*******@ksu.edu>
Sent: Monday, July 13, 2020 7:40 AM
Cc: ************ <********@ksu.edu>
Subject: Availability..
Dear Student,
Due to the recent outbreak of the COVID-19 Coronavirus across the country, we have decided to offer a Work Online From Home Job with a pay of $500 weekly, please respond with your direct cell number and Non Edu email where job description can be forwarded to.
This is very important, so please complete this as soon as possible.
Sincerely,
Francesca Ricci

Phishing Scam – 07/12/2020 – Greetings?

This is a reply-to phishing scam. Google, Microsoft, and Yahoo have been notified.

From: Mrs. Sarah Robert <roonyandrw@yahoo.com>
Sent: Sunday, July 12, 2020 5:10 PM
Subject: Greetings?

My Dear,
I’m Mrs. Sarah H. Robert, 77 years old dying widow from Australia; that was diagnosed of cancer about 4 years ago. I got your details after an extensive online search Via (Network Power Charitable Trust) for a reliable person, I have decided to donate my late husband WILL valued of ($5,500,000,00) (Five Million Five Hundred Thousand United States Dollars) to you for charitable goals. Get back to me if you will be interesting in carrying out this humanitarian project, so that i can arrange for the release of the funds to you for the work of charity before entering the surgery theater. Contact me via E-mail at : sararrobrt@gmail.com Sincerely, Mrs. Sarah H. Robert.

Phishing Scam – 07/10/20 – Ksu Alert..

This is a phishing scam with a link. It attempts to scare the recipient that their password is expired and their account will be deactivated.

From: ******* ******* <*******@ksu.edu>
Sent: Friday, July 10, 2020 05:33 AM
Cc: ******* ******* <*******@ksu.edu>
Subject: Ksu Alert..
Your ksu edu account will be De-activated shortly
To stop De-activation Click Here [http://www.123formbuilder.com/form-5545205/form] and Log In
IT Help Desk.

Phishing Scam – 07/10/20 – Job Update (COVID-19)

This is a reply-to phishing scam attempting to coerce, by extending a job offer, the recipient to reply with personal information. The email includes a .jpg attachment with text requesting the recipient respond with their cell phone number and non-edu email.

From: ******* *******
Sent: Friday, July 10, 2020 5:25 AM
Cc: ******* ******* <*******@ksu.edu>
Subject: Job Update (COVID-19)