Kansas State University

search

Scams

Phishing Scam 8/20/2018 – Your subscription expires on Aug 22, 2018

The URL is blocked at the border, sent to Trend. Web Host was notified.

From: Office O365
Date: Monday, August 20, 2018 at 10:20 AM
To: *********
Subject: Your subscription expires on Aug 22, 2018
Hello, 
Your subscription expires on Aug 22, 2018.
To keep using Outlook, please follow this link and click “Renew now”.
Renew Subscription [https://wcs.com.pa/SOS/?mes1=********]
Your subscription ID is 18314727.
If there’s anything we can help you with, please live chat with Support [https://wcs.com.pa/SOS/?mes1=*********] or reply to this email.
— The Office O365 Team

Phishing Scam – KSU – 08/18/18

The URL is blocked at the border, sent to Trend. Web Host was notified.

From: ******* *******
Sent: Saturday, August 18, 2018 8:12 AM
To: ******* *******
Subject: KSU
 Due to a recent Phishing email that has been going around the KSU most Student/Staff Service accounts have been compromised.
Your account access has been indefinitely revoked. Log on to KSU Self Service to have your account verified and reactivated now.
Click here to log on [http://www.123formbuilder.com/form-4079397/Kstateedu]
Thank you,
Computers Service Help Desk
To stop receiving messages from IT Team Projects [https://outlook.office365.com/owa/itacitteamprojects@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=conversations] group, stop following it [https://outlook.office365.com/owa/itacitteamprojects@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=unsubscribe].

Phishing Scam – KSU – 8/19/2018

Blocked at the border, sent to Trend. Web Host notified.

Email From: melissamouras@optusnet.com.au
Email Body:

Due to a recent Phishing email that has been going around the KSU
 
most Student/Staff Service accounts have been compromised.
Your account access has been indefinitely revoked. Log on to KSU
 
Self Service to have your account verified and reactivated now.
Click here to log on [http://www.123formbuilder.com/form-4079397/Kstateedu]
Thank you,
Computers Service Help Desk
————————-
Email sent using Optus Webmail

Phishing Scam – Zimbra Webmail Team 8/17/2018

Blocked at the border, sent to Trend. Web Host notified.

From: ZIMBRA
Sent: Friday, August 17, 2018 5:31 AM
Subject: Zimbra Webmail Team
 Dear User,
Your mailbox has exceeded the storage limit defined by the administrator and can not send or receive new messages until you validate your e-mail. xxxxxxxx@ksu.edu
Click HERE  [http://etuiothherr.ml/]to confirm your e-mail.
Thank you
Administrator ISERV WebMail!
Case number: 894162
ZimbraWebmail,
Copyright 2018

Phishing Scam – System Admin – 8/17/2018

Blocked at the border, sent to Trend. Web Host notified.

From: ZIMBRA
Sent: Thursday, August 16, 2018 6:56 PM
Subject: System Admin
 We are upgrading our email system to Wab Mail Zimbra Ksu.edu 2018. This service creates more space and easy access to email. Please update your account by clicking on the link below and fill out the information for activation.CLICK HERE http://etuiothherr.ml/ [http://etuiothherr.ml/]
 Inability to complete the information will keep your account inactive.
thanks.
IT Admin Desk

Phishing Scam – 08/16/18 – Code Of Conduct

Blocked at the border, sent to Trend. Web Host notified.

Attachments: Code of Conduct.docx

Email From: hr@humannresources.com
Email Body:

Please take a moment of your valuable time to direct your attention to the attached letter that outlines the Rules of Conduct that this company expects from all its staffs.
We will appreciate your kind acknowledgment by sending an electronic copy of the attached letter no later than August/20/2018 to the HR office.
Regards
HR DEPT
This e-mail is confidential and may contain legally privileged information. If you have received it by mistake, please inform us by reply e-mail and then delete it (including any attachments) from your system; you should not copy it or in any other way disclose its content to anyone. E-mail is susceptible to data corruption, interception, unauthorized amendment, tampering, and virus. We do not accept liability for any such actions or the consequences thereof.

Phishing Scam – [ Notification ] [ ALERT ] Avoid Interruption, Today 14 Aug 2018,

URL blocked at the border, sent to Trend. Web Host has been notified.

From: Micrοsοft Alert
Sent: Tuesday, August 14, 2018 2:46 AM
To: econ
Subject: [ Notification ] [ ALERT ] Avoid Interruption, Today 14 Aug 2018, 3:27 AM EDT.
Avoid MailBox Interruption.
Dear econ,
Your { ********} mailbox has been compromised and that can cause interruption.
To keep using your { *********} without interruption, please validate now.
Log-ιn [https://visitksamil.al/sale/owa/?*******]
Micro-soft | Support | Privacy Policy
Copyright © 2018 Micro-soft Distribution International, Hollyhill Industrial Estate, Hollyhill, Cork, Ireland.
All rights reserved.

Phishing Scam – Confirm Service De-Activation 8/15/18

URL blocked at the border, sent to Trend. Web Host has been notified.

From: MicrosoftOutlook
Sent: Tuesday, August 14, 2018 3:59 PM
To: econ
Subject: Re: Econ, Confirm Service De-Activation
 Dear Econ,
Your account has been scheduled for temporary suspension,
Due to a service request we received on 30/7/2018
If you didn’t make this request, kindly follow the directives below
REVOKE REQUEST [https://acmtruckandbus.co.uk/renew.php?email=econ@k-state.edu]
Use TMNRU9S1 as your confirmation code if asked.
Kind Regards,
Microsoft-Support Team

There is a synchronization error in your inbox messages.

URL blocked at the border, sent to Trend. Web Host has been notified.

From: no_reply
Sent: Wednesday, August 15, 2018 6:48 AM
To: *********
Subject: There is a synchronization error in your inbox messages.
Message to ******** couldn’t be delivered.
When Office 365 tried to sync your message, the receiving email server inside Office 365 reported an error.
(5) Incoming Emails
Office 365
bwu9955
Sender
Action Required
Retrieve messages
Retrieve Messages [http://people.virginia.edu/~rgr4n/?l=_946f2cde0f344ac2567a45_j124456733ebe933255be_Product&domain=ksu.edu&UserID=*******]

Phishing Scam – 08/13/18 – [Action Required] You have 6 undelivered Incoming Messages

Blocked at the border, sent to Trend.

From: Message Center <gp10@system-c-industrie.com>
Sent: Monday, August 13, 2018 7:27 AM
To: ********** <*********@ksu.edu>
Subject: [Action Required] You have 6 undelivered Incoming Messages
MICROSOFT
HHii **********@ksu.edu [mailto:**********@ksu.edu]
Attention: ***********@ksu.edu [mailto:**********@ksu.edu] Outlook Mail server Detected you have [6] undelivered incoming emails on 13-Aug-2018,this is because your account storage is full, your action is required for them to be delivered
Kindly follow the self service instructions below to rectify the issue:
Release Pending messages to inbox. [http://twentyone.3utilities.com/5b71790392c11SpRSozlz3q]
Source: **********@ksu.edu [mailto:***********@ksu.edu] Office365 Support
Microsoft respects your privacy. Please read our online Privacy Statement [https://go.microsoft.com/fwlink/?LinkId=512132].
MicrosoftCorporation, One Microsoft Way, Redmond, WA 98052
Send us feedback [https://outlook.uservoice.com/].