Phishing Scam – 02/12/16 – hello jasonnelson

URL is inactive and blocked at the border. Origin ISP and web host have been notified. The URL has been submitted to Trend.

From: Gail Moore <littlehorserider@perfecture.com>
Subject: hello jasonnelson
Date: Fri, 12 Feb 2016 18:54:37 +0000

Good evening jasonnelson

http://vigilprosecurity.com/barn.php?guess=a12fy3sdb48

Gail

Posted in Phishing Scams | Comments Off on Phishing Scam – 02/12/16 – hello jasonnelson

Phishing Scam – 02/11/16 – Verify Your Kansas State University Webmail Account To Avoid Closure

Origin ISP and Reply-to ISP have been notified. Reply-to email address has been submitted to APER on 2/11/2016.

From: Kansas State University <emailloginupgade1@gmail.com>
Reply-To: verify-acc-data2@hotmail.com
Subject: Verify Your Kansas State University Webmail Account To Avoid Closure
Date: Thu, 11 Feb 2016 02:21:48 -0800

Dear Kansas State University Account Holder,
Be informed that our (Kansas State University) Account Term have decided to code your (Kansas State University) Email address for more security.We are currently Upgrading and doing maintenance on our email webmail we are currently moving all our Faculty/Staff/student E-mail to the new Account Data Plane. For you not to lost your ID and sign-in details to your Email account you are advised to Submit your University Web mail login details.

PLEASE NOTE:
Fill The Below Details and Send Your University Web mail Details to our
Upgrade Office email(verify-acc-data2@hotmail.com)
Name:—————————————
User ID:————————————
Password:———————————–
You Must Send Us Scanned Copy Of Your ID/International Passport or
Drivers License:………….
Student or Staff:—————————

Note-Submit your email account details to Our (Kansas State University) Email (verify-acc-data2@hotmail.com) any failure for you not to submit your E-mail account details to our account unit online to(verify-acc-data2@hotmail.com) your email account will be closed and you will lost your email account permanently.Make sure you attached a copy of your scanned ID/International Passport or Drivers License for verification.
Be Warn
(Kansas State University) ACCOUNT TEAM

Posted in Phishing Scams | Comments Off on Phishing Scam – 02/11/16 – Verify Your Kansas State University Webmail Account To Avoid Closure

Phishing Scam – 01/24/16 – new message

Web Host has been notified. URL is inactive and blocked at the border. URL has been submitted to Trend.

From: <********@ksu.edu>
Subject: new message
Date: Jan, 24 2016 03:20:28

Email Body:
Hey!
Open message <http://starparktekstil.com/tired.php?r3o>
kdillard@ksu.edu

Posted in Phishing Scams | Comments Off on Phishing Scam – 01/24/16 – new message

Phishing Scam – 02/10/16 – Webmail Alert

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: Kansas State University <Markeia.T.Tivis@live.mercer.edu>
Subject: Webmail Alert
Date: Wed, 10 Feb 2016 03:20:28 +0800

Dear User,
Due to the recent upgrade on our server, we urge you to validate your webmail login information. Kindly click on our site url below and follow prompt to validate your webmail. http://www.k-state.edu [http://www.shoutad.com/email/k-state.edu/index.htm] Failure to adhere to the instruction above may lead to account suspension.
Thank You.
Kansas State University

Posted in Phishing Scams | Comments Off on Phishing Scam – 02/10/16 – Webmail Alert

Phishing Scam – 02/09/16 – Notice

Origin ISP and Web host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: Craig Coleman <Craig.Coleman@NorthernAdelaideSC.sa.edu.au>
Subject: RE: Notice
Date: Tue, 9 Feb 2016 16:58:17 +0000

Mailbox is full, 00.1 GB, Please reduce your mailbox size. expand your email quota (size)
CLICK HERE: IT ADMINISTRATOR SERVICE.<http://servanna.ezweb123.com/>

Posted in Phishing Scams | Comments Off on Phishing Scam – 02/09/16 – Notice

Phishing Scam – 02/08/16 – Mailbox Helpdesk

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: “Graves, Tina” <tina.graves@christushealth.org>
Subject: Mailbox Helpdesk
Date: Mon, 8 Feb 2016 13:00:39 +0000

Dear Staff(s).

New security updates need to be performed on our servers, due to the rate of phishing. Please CLICK HERE [http://www.adinata-architecture.com/rewr/rewr/] and sign in to the IT Help server for maintenance and update of your mailbox.

If your mailbox is not updated soon, Your account will be inactive and cannot send or receive messages.

On behalf of the IT department, this IT Alert Notification was brought to you by the Help Desk Department. This is a group email account and its been monitored 24/7, therefore, please do not ignore this notification, because its very compulsory.

Sincerely,
IT Department

©2016 Microsoft Outlook. All Rights Reserved.

CONFIDENTIALITY NOTICE:  Confidential information, such as identifiable patient health information or business information, is subject to protection under state and federal law.  If you are not the intended recipient of this message, you may not disclose, print, copy or disseminate this information.  If you have received this in error, please reply and notify the sender (only) and delete the message.  Unauthorized interception of this e-mail is a violation of federal criminal law.

Posted in Phishing Scams | Comments Off on Phishing Scam – 02/08/16 – Mailbox Helpdesk

Phishing Scam – 02/01/16 – Outlook / Exchange email

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: Camille Byron <cabyron@CHPNET.ORG>
Date: Mon, 1 Feb 2016 10:37:14 -0500
Subject: RE: Outlook / Exchange email

ATTENTION
Impacted Groups: 2016 Outlook/Exchange Users
Monday Feburary 1, 2016 from 07:00pm to 2:00am

If you are receiving this message, the Outlook / Exchange email servers that provide your email service will undergo scheduled maintenance tonight, Feburary 1, 2016 from 07:00pm to 2:00am
Please Click here (http://sitesumo.com/helpdeskportal/main.html) and log in to your Outlook client prior before 07:00 PM today to enable auto backup of all information’s on your mailbox, if you do not log into the auto backup portal, you may lose the connection to your mailbox including all your information’s during the maintenance.
If you find it difficult to send or receive messages from your Outlook client after the maintenance period, or tomorrow morning, please close Outlook and then log in again. We regret this inconvenience and appreciate your patience.
—————————————————————————-
PLEASE DO NOT REPLY DIRECTLY TO THIS MESSAGE.
This is a Broadcast e-mail sent on behalf of the Sender and/or Department. If you wish to respond, please follow the contact instructions in the message ONLY. This message and any attachments are confidential and intended solely for the use of the individual or entity to which they are addressed. If you are not the intended recipient, you are prohibited from printing, copying, forwarding, saving, or otherwise using or relying upon them in any manner. Please notify the sender immediately if you have received this message by mistake and delete it from your system.

Posted in Phishing Scams | Comments Off on Phishing Scam – 02/01/16 – Outlook / Exchange email

Phishing Scam – 02/02/16 – Admin Notification…

The URL was active and is blocked at the border. The URL was submitted to Trend. The Web Host and ISP were notified

From: O’Hare Ruth (NHS CENTRAL LONDON (WESTMINSTER) CCG) <ruthohare@nhs.net>
Sent: Tuesday, February 2, 2016 7:57 AM
To: O’Hare Ruth (NHS CENTRAL LONDON (WESTMINSTER) CCG)
Subject: Admin Notification…‏

Attention,

Your Password Expires in 2hour(s) You are to change your Password below via the ACCOUNT MANAGEMENT PAGE.

Click on CHANGE-PASSWORD [http://outlookpasswordsecuritydesk.moonfruit.com/]

If Password is not change in the next 2hour(s) Your next log-in Access will be declined.

Regards,
IT Services

Many Thanks,

Posted in Phishing Scams | Comments Off on Phishing Scam – 02/02/16 – Admin Notification…

Phishing Scam – 01/31/16 – Help Desk

Origin ISP and Web Host have been notified. URL is active and not blocked at the border. URL has been submitted to trend.

From: “Berry, Alicia Renae – berryar” <berryar@jmu.edu>
Subject: Help Desk
Date: Sun, 31 Jan 2016 12:49:05 +0000

Dear User,Your two incoming mail has been placed on hold, to reactivate it UPGRADE [https://urldefense.proofpoint.com/v2/url?u=http-3A__global-2Dportal247.tripod.com_&d=BQMFAw&c=eLbWYnpnzycBC
gmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=FJZPRxmZZGw_d0jAHgx-Bw&m=Y1RaGDTmuwY_9hXz0rw0x8ud45KClP1WfuUMi2DLlFY&
s=na89GafxSzdcdN0okg_qKODGTSHg4CrNk8qI0W5lXzs&e=]
Warning:FAILURE TO DO THIS WILL LEAD TO DEACTIVATION OF YOUR ACCOUNT
Help Desk  ©Copyright 2016.

Posted in Phishing Scams | Comments Off on Phishing Scam – 01/31/16 – Help Desk

Phishing Scam – 01/31/16 – Maintenance Update

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: Bell, Ryan, L <ryan.bell348@topper.wku.edu>
Subject: Maintenance Update
Date: Sun, 31 Jan 2016 03:01:18 +0000

Our University Webmail, would be having maintenance as from 12 midnight 01-02-2016 your present password would expire due to maintenance updates.To avoid suspend error Submit details by CLICKING HERE <http://plus.allforms.mailjol.net/u/e23f69f9.php>
Failure to comply admin would suspend your account due inactive response. Sign.
Powered by University Admin

Posted in Phishing Scams | Comments Off on Phishing Scam – 01/31/16 – Maintenance Update