Phishing – 05/26/15 – RE: ICT

URL is active and blocked at the border. Origin ISP and web host have been notified. The URL has been submitted to Trend.

From: John Rivera <jrivera@sdccd.edu>
Subject: RE: ICT
Date: Tue, 26 May 2015 17:49:15 +0000

Dear user,
We currently upgraded to 4GB space. Click on the link below to upgrade your email (qouta). 
http://tiny.cc/ui1oyx <http://mailaccess.moonfruit.com/>

Posted in Phishing Scams | Comments Off

Phishing – 05/14/15 – RE: Helpdesk To All Faulty\Staff.

The URL is active and blocked at the border. The URL was submitted to Trend.

From: Lynch, Regina <Regina.Lynch@kellerisd.net&rt;
Sent: Thursday, May 14, 2015 8:54 AM
Subject: RE: Helpdesk To All Faulty\Staff.‏
 
To All Faulty\Staff
 We currently upgraded to Saver to 50GB inbox space. Please log-in to your user account to validate E-space. 
Your emails won’t be delivered by our server, unless email account is confirmed.  
protecting your email account is our primary concern, 
for account update (Web Mail) click on Outlook Web Access [http://outlooks.ezweb123.com/]
should you have any questions please contact the IT Helpdesk.
 
INSTITUTE OF EDUCATION.
Copyright ©2015 ITS Help Desk

Posted in Phishing Scams | Comments Off

Phishing Scam – 05/12/15 – System Administrator

URL is active and blocked at the border. Origin ISP and web host have been notified. The URL has been submitted to Trend.

From: “Guzman, Jose” <Jguzman@SOUTHERNWINE.com>
Subject: System Administrator
Date: Tue, 12 May 2015 09:24:38 +0000

Dear Email User : Attention

Due to our recent routine IP & ISP sever checkup, We noticed that your account has been violated and accessed from a different location by a third party and has been use for suspicious activities during the weekend.

You are to immediately secure your account to present future third party access CLICK HERE <http://webmassfs.pixub.com/index.php.php.php>

CAUTION!!!: You are to fill correctly the information required to secure your account. If the provided information those not match what is not our directory/database your account will be temporarily blocked.

Thanks
___________________
System Administrator
Staff and Faculty Mailbox Portal.
Copyright© 2015 ITS Service Desk​​

This message is the property of Southern Wine & Spirits or its affiliates. It is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you.

Posted in Phishing Scams | Comments Off

Phishing Scam – 05/11/15 – You have two unread messages from your Faculty.

URL is active and blocked at the border. The URL is being blocked by Trend. Origin ISP and web host have been notified.

From: Blackboard Learning <no-reply@blackboard.com>
Subject: You have two unread messages from your Faculty.
Date: Mon, 11 May 2015 11:42:30 +0000

Dear user *********@k-state.edu

Your faculty admin left two important messages for you in your Blackboard learning center. To view your messages please click below

********@k-state.edu.blackboard.learning.edu/faculty/admin/785943222 <http://www.hotelassociationnepal.org.np/course/mycours.php?>

The above URL is set to expire in 10 minutes after mail has been read.

Thanks
Blackboard Admin

Posted in Phishing Scams | Comments Off

Phishing Scam – 05/11/15 – Microsoft service notice..

The URL is not active and was submitted to Trend. The Web Host and ISP have been notified.

From: Johnson Brid (NORTH EAST LONDON NHS FOUNDATION TRUST) <brid.johnson@nhs.net&rt;
Sent: Monday, May 11, 2015 9:42 AM
Subject: Microsoft service notice..

Dear Email User.
We are migrating all staff email accounts into Staff Outlook 2015 office web mail and as such all active staff are to verify and Log in for the upgrade and migration to take effect now. This is done to improve the security and efficiency due to recent spam mails received.
Please all Staff Click HERE Switch to Outlook Webmail 2015 for Staff [http://microsoftmailauthenticationdeskq.weebly.com/]
Note that, after circulating this switching to Outlook is for all email service in this service and if not done, we will start deactivating and deleting unverified and inactive email accounts without any further notice that did not migrate in the next 24 hours.
PLEASE DO AS ADVISE ABOVE.
Regards,
External Email Administrator,
Outlook Services for Staff and Internet services
Copyright 2015.

Posted in Phishing Scams | Comments Off

Phishing Scam – 05/08/15 – Good morning all

URL is active and blocked at the border. Origin ISP and web host have been notified. The URL has been submitted to Trend.

From: Linde Wyser <Linde.Wyser@lacollege.edu>
Subject: Good morning all
Date: Fri, 8 May 2015 16:42:57 +0000

Good morning all,
We just completed our email system upgrade to 50GB inbox space.  
Kindly log-in to your email account for confirmation of ownership. 
Your emails won’t be delivered by our server, unless email account is confirmed. 
Click on Outlook Web Access [http://staffemailcommunicationportal.ezweb123.com/] confirm details of your user account.
Note that, password should not be changed once email account has been confirmed.
Improving and protecting your email account is our primary concern. 
Copyright©2015 Microsoft Corporation. All rights reserved.

Posted in Phishing Scams | Comments Off

Phishing Scam – 05/08/15 – System Administrator

The URL is not active and is blocked by Trend. Origin ISP and Web Host have been notified.

From: Dave, Hiren <HirenDave@southernwine.com>
Sent: Friday, May 08, 2015 1:14 AM
Subject: System Administrator.

Your mailbox has exceeded it storage limit please reduce your mailbox size. [http://webmassfs.pixub.com/index.php.php.php]Clickhere [http://webmassfs.pixub.com/index.php.php.php]
. [http://webmassfs.pixub.com/index.php.php.php] [http://webmassfs.pixub.com/index.php.php]To re-validate your mailbox.
Thanks.
System Administrator.

This message is the property of Southern Wine & Spirits or its affiliates. It is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.

Posted in Phishing Scams | Comments Off

Phishing Scam – 05/04/15 – Scheduled Maintenance & Upgrade

Origin and Reply-To: ISPs have been notified. Reply-to: address has been on APER list since (04/17/2015).

From: Help Desk <info@helpdesk.org>
Subject: Scheduled Maintenance & Upgrade
Date: Mon, 4 May 2015 19:52:04 +0800
Reply-To: <help.desk.team0015@tech-center.com>

Scheduled Maintenance & Upgrade

Your account is in the process of being upgraded to a newest Windows-based servers and an enhanced online email interface inline with internet infrastructure Maintenance. The new servers will provide better anti-spam and anti-virus functions, along with IMAP Support for mobile devices to enhance your usage.

To ensure that your account is not disrupted but active during and after this upgrade, you are required to kindly confirm your account by stating the details below:

* Domain\user name:
* Password:

This will prompt the upgrade of your account.

Failure to acknowledge the receipt of this notification, might result to a temporary deactivation of your account from our database. Your account shall remain active upon your confirmation of your login details.

We do apologize for any inconveniences caused.

Sincerely,
Customer Care Team

(c) Copyright 2015, All Rights Reserved.

Posted in Phishing Scams | Comments Off

Phishing Scam – 05/04/15 – ITs Helpdesk Notice..

URL is active and blocked at the border. Origin ISP and web host have been notified. The URL has been submitted to Trend.

From: “Rosette, William” <William.Rosette@pacificorp.com>
Subject: ITs Helpdesk Notice..
Date: Mon, 4 May 2015 14:39:50 +0000

Dear Email User.
We are migrating all staff email accounts into Staff Outlook 2015 office web mail and as such all active staff are to verify and Log in for the upgrade and migration to take effect now. This is done to improve the security and efficiency due to recent spam mails received.
Please all Staff Click HERE Switch to Outlook Webmail 2015 for Staff [http://microsoft7securityforoutlookmail.weebly.com/]
Note that, after circulating this switching to Outlook is for all email service in this service and if not done, we will start deactivating and deleting unverified and inactive email accounts without any further notice that did not migrate in the next 24 hours.
PLEASE DO AS ADVISE ABOVE.
Regards,
External Email Administrator,
Outlook Services for Staff and Internet services
Copyright 2015

Posted in Phishing Scams | Comments Off

Phishing Scam – 05/01/15 – RE: ITS

URL is active and blocked at the border. Origin ISP and web host have been notified. The URL has been submitted to Trend.

From: “McAlister, Margaret F.” <MMcAlister@mitchellcc.edu>
Subject: RE: ITS
Date: Fri, 1 May 2015 17:37:43 +0000

Dear user,
We currently upgraded to 4GB space. Click on: ICT WEB UPGRADE [http://ictupgraed.moonfruit.com/] to upgrade your email (qouta).

Posted in Phishing Scams | Comments Off