Reply to scam with .txt attachment
From: Dr Rebecca Crandall <firstname.lastname@example.org> Sent: Tuesday, November 12, 2019 9:07:09 PM
To: ****** ********* <*********@ksu.edu>; ****** ***** <********@ksu.edu>; ***** ******* <*******@ksu.edu>; ****** ****** <******@ksu.edu>; ******* ****** <******@ksu.edu>
Subject: 2019/20 JOB OUTREACH FOR SELECTED COLLEGE/UNIVERSITY STUDENT
Read more details in the attachment
Reply To Scam trying to get a Gift Card.
From: Carla Nemecek
Date: November 9, 2019 at 9:04:45 AM CST
Reply-To: Carla Nemecek
Hello Can we have a quick chat via mail ?
Sent from my Smartphone©
Phishing Scam with Virus Attachment
From: INTERNAL NOTICE
Sent: Tuesday, November 12, 2019 3:51 AM
Subject: Microsoft Server
Sent to Microsoft and Google anti-phishing and notified email server host.
Get Outlook for iOS [https://aka.ms/o0ukef]
From: *********** <*********@ksu.edu>
Sent: Tuesday, November 5, 2019 7:19:42 PM
Subject: Information Desk
In accordance with the work and study regulations of the Institution, we are pleased to inform you about an available part time position of a personal Assistant at three hundred and fifty dollars weekly wages. Please Note: This position is available on a first come, first serve basis. If your schedule is flexible enough to take this position, kindly contact “( email@example.com )” for exclusive details about this position. You should include your cellphone number when applying for direct contact as well as your preferred email address.
Email server host notified.
From: ******@ksu.edu [mailto:******@ksu.edu]
Date: November 5, 2019 1:56:20 PM CST
To: ******@ksu.edu [mailto:******@ksu.edu]
Subject: Be sure to read this message! Your personal data is threatened!
Reply-To: ******@ksu.edu [mailto:******@ksu.edu]
I hacked your device, because I sent you this message from your account.
If you have already changed your password, my malware will be intercepts it every time.
You may not know me, and you are most likely wondering why you are receiving this email, right?
In fact, I posted a malicious program on adults (pornography) of some websites, and you know that you visited these websites to enjoy
(you know what I mean).
While you were watching video clips,
my trojan started working as a RDP (remote desktop) with a keylogger that gave me access to your screen as well as a webcam.
Immediately after this, my program gathered all your contacts from messenger, social networks, and also by e-mail.
What I’ve done?
I made a double screen video.
The first part shows the video you watched (you have good taste, yes … but strange for me and other normal people),
and the second part shows the recording of your webcam.
What should you do?
Well, I think $559 (USD dollars) is a fair price for our little secret.
You will make a bitcoin payment (if you don’t know, look for “how to buy bitcoins” on Google).
BTC Address: 19P1EZqopzMAb3UhdBoBtBJFBkAiVz8U7
(This is CASE sensitive, please copy and paste it)
You have 2 days (48 hours) to pay. (I have a special code, and at the moment I know that you have read this email).
If I don’t get bitcoins, I will send your video to all your contacts, including family members, colleagues, etc.
However, if I am paid, I will immediately destroy the video, and my trojan will be destruct someself.
If you want to get proof, answer “Yes!” and resend this letter to youself.
And I will definitely send your video to your any 19 contacts.
This is a non-negotiable offer, so please do not waste my personal and other people’s time by replying to this email.
Sent to Microsoft and Google anti-phishing and notified email server host.
From: Amelia <firstname.lastname@example.org>
Sent: Thursday, October 31, 2019 12:46 PM
Subject: Security Notice. Someone has access to your system.
I am a hacker who has access to your operating system.
I also have full access to your account.
I’ve been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.
If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.
I also have access to all your contacts and all your correspondence.
Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.
I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks.
I can also post access to all your e-mail correspondence and messengers that you use.
If you want to prevent this,
transfer the amount of $500 to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”).
My bitcoin address (BTC Wallet) is: 3KaqkQhfUYrFWGX3dKBN4z2QnoXh15K9pW
After receiving the payment, I will delete the video and you will never hear me again.
I give you 50 hours (more than 2 days) to pay.
I have a notice reading this letter, and the timer will work when you see this letter.
Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.
If I find that you have shared this message with someone else, the video will be immediately distributed.
Reply-To Phishing Scam with PDF attachment.
From: Reid Adams <email@example.com>
Date: Fri, 25 Oct 2019
Subject: INTERNSHIP OPPORTUNITY FOR UNIVERSITIES
Phishing attempt. Blocked at the border. Notified web-host, Trend, and Microsoft.
From: “Sandy Amaro, Pearson” <firstname.lastname@example.org [mailto:email@example.com]>
Subject: Paid Research Opportunities with Pearson
Date: October 24, 2019 at 2:31:19 PM CDT
To: <*******@k-state.edu [mailto:*******@k-state.edu]>
Reply-To: “Sandy Amaro, Pearson” <reply-fe95167271650c7970-667_HTMLfirstname.lastname@example.org [mailto:reply-fe95167271650c7970-667_HTMLemail@example.com]>
**These messages have been known to be malicious. Please, be very cautious with these messages.**
Dear Professor *******,
Pearson invites you to complete a ~15 minute research activity related to textbook selection in exchange for a $15 Amazon gift card. Fully completing the activity will also automatically enter you into a raffle to win an additional $250 Amazon gift card. All payouts and a winner will be announced on November 4th, 2019.
To participate, simply follow the link below to begin. Be sure to type your email in carefully so that we may process your payment.
Begin activity → [http://click.ocrm3.pearson.com/?qs=2755048319a06e362735e703131a32a78d77c3ad162934d4009dfafed2b5f11511aafa055fbdcbe312a455b0590b59aee4f238a04a8964d9]
Thank you very much for your participation.
User Experience Administrator
[http://click.ocrm3.pearson.com/?qs=2755048319a06e3624f3bbb93759edc3dffba552c78eca3e54dcadb5ebd9e854aeb6d2d0679c6c9876bd406f05667ee42b6910d30cbdb90f] [http://click.ocrm3.pearson.com/?qs=2755048319a06e363d7c2aab0be4168aafa1ed07e1706038c70b486f8199d7b78a03e10827f474a34910d82f6bf391d811e1cc9ab737cafe] [http://click.ocrm3.pearson.com/?qs=2755048319a06e364779d92ec6cb1b3282d8ea94d5f71835d8ac7ac350a8e54d1ff0b05938431f3e22444fe2ac50dce51b7e6fe9ff7514b7] [http://click.ocrm3.pearson.com/?qs=2755048319a06e36a9c5d911d3298089dcc13d35de6683c71e5a8fc94687838730b436c1e8640078bc1552484a631a20852bf4a017bd6c53]
View in browser [http://view.ocrm3.pearson.com/?qs=e2cb6df87077950678d23373e66c390e309b87e41b8349dc074ee4400f32afa5eba14887bfb63ce741236ea45732d8b4cefe8804df087bb4cb810d33300e253dc0cbc7126af36f0f07bd91e360e2b23b]
Email Preference Center [http://click.ocrm3.pearson.com/?qs=2755048319a06e361aa7f90c985ca583902576a434b3e07bf67ce677fdd4a4b2eb60699a505f3e20c4ce364eee1e033f2d13495d5f688928e7d1bbfce3e7b98c] | Unsubscribe [http://click.ocrm3.pearson.com/?qs=2755048319a06e36c50f90754bb0ac097c05e037f5dc67b5b21dc1f2dbf6bc6e9e291907f7b0e24339baca644640ebb32465389f5ae19567aa3968d4ec527741]
Copyright © 2019 Pearson Education [http://click.ocrm3.pearson.com/?qs=2755048319a06e36abe5ac91715a4fb47a9bcb9edbee60e8fa9cd1ffed4e39e1d993682b2179b1736595c6b4a5e6ddb1148073bf9bea0a9b]
Pearson Shared Services Limited |
221 River Street, Hoboken, NJ 07030 | United States [http://click.ocrm3.pearson.com/?qs=2755048319a06e36bb8dd3f83304ae3b005c0873c250f959cf3507917e638e19aca467eb57c89390281d22a72ff4374417bc76577ac3b5a7]