Kansas State University

search

Scams

Phishing Scam – 06/17/19 – Re: Your request

URL in Attachment blocked at the border and sent to Trend.

From: “Bygall, Natalie Megan” <nmb5650@psu.edu<mailto:nmb5650@psu.edu>>
Date: June 17, 2019 at 8:50:25 PM CDT
To: Undisclosed recipients:;
Subject: Re: Your request
Your request for email shutdown has been accepted by Microsoft Outlook Facility Services with a status of shutdown your office 365 (school/work) Email.
And this request will be processed shortly. If this request was made accidentally or without your knowledge, you are advised to cancel the request immediately. Kindly Open attachment to cancel Request

Phishing Scam – 6/7/2019 – FW: Reminder -Document

Blocked at border, sent to Trend.

From: k-state.edu – Action Requested
Sent: Friday, June 7, 2019 3:45 PM
To: ********** ******** <******@ksu.edu>
Subject: Reminder -Document 6/7/2019 1:44:53 p.m.
ΟneDriυe
******@k-state.edu [mailto:******@k-state.edu], Yοu have [1]new dοcument sent tο yοu via ΟneDriνe
Fax Received At : 6/7/2019 1:44:53 p.m.
Pages Receive: 2-Pages (s))
Click here to rꬴview Document [https://shiftbd.com/css/?AP___=******@k-state.edu]

Phishing Scam – 6/4/2019 – Activity Change

Blocked at the border, Sent to trend.

From: email.office.com
Sent: Tuesday, June 4, 2019 8:16 AM
To: email.office.com
Subject: Activity Change
Exclusive features can help you learn, share and get more done.
[https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fclick.email.office.com%2F%3Fqs%3Ddb4e4c2d082025adb2f218101138a9905b8d534dded93975d553f66da9124a845c12bb730606a01a2795cedcc7aadb0a3dadd3d4a51f396e6dffdc2c098d75fc&data=02%7C01%7C%7Cd7879fc64b004e669d1708d6d613ecec%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636931778394330133&sdata=S2GUX9RXLVYC2p9ut7%2B5p%2FNE%2BqryQX8fTwjhJcf3JGI%3D&reserved=0]
Someone using an unrecognized device attempted to remove your e-mail from your domain has been initiated. 
Please go to your recent activity page to let us know whether or not this was you. If this was you, we’ll trust similar activity in the future.
Review Recent Activity [https://boxhd.ru/kilo/index.php]
Thanks,
The Microsoft Team

Phishing Scam – 05/23/19 – Update ID: Review Message

URL sent to Trend.

From: ًоffًiсеً365 <vongsay@gmx.de>
Sent: Thursday, May 23, 2019 5:21 PM
To: *******
Subject: Update ID: Review Message
   HI *****,
Due the request that you created ID: 70130.
We need to validate you as the ownerof this email ******@k-state.edu.
This validation valid until 23 May, 2019.
СОNFIRM NОW [https://curelines.com/&-&*&wjakjnyrwayiunaludxmbmywjqyrrduonvywjxogxmosapevsciuohryyqqptkehgcdpasvyfjqgzubsxkmmrekpuafoljvrmzhm+&_~_/YWxpd2hlYXRAay1zdGF0ZS5lZHU=]
Note: failure to confirm your mailbox will result to permanent disable.
Thіs еmаіl wаs sеnt tо ******@k-state.edu.

Phishing Scam – 05/23/19 – Study with P/T Job

There are different URL’s which are blocked at the border, sent to Trend.

Exanple #1
From: Andrew Donovan <donovan1820@ksu.edugt;
Sent: Thursday, May 23, 2019 10:54 AM
Subject: Study with P/T Job
A customer service company is looking for individuals who shop at grocery stores to help evaluate customer service and sales performance. The job is fun and rewarding. You can earn as much as two thousand dollars and above a month*
*This is 100% legit job. *Does not affect your studies. You can apply without affecting your current job. This is an opportunity to make extra income.
Apply now through our website :   
Its flexible and Rewarding. I tried it ! Register online [http://www.mywrapmall.ga/] and I assure you will not regret it.

Example #2
From: Andrew Donovan <donovan1820@ksu.edu>
Sent: Thursday, May 23, 2019 10:03 AM
Subject: Study with P/T Job
A customer service company is looking for individuals who shop at grocery stores to help evaluate customer service and sales performance. The job is fun and rewarding. You can earn as much as two thousand dollars and above a month*
*This is 100% legit job. *Does not affect your studies. You can apply without affecting your current job. This is an opportunity to make extra income.
Apply now through our website :   
Its flexible and Rewarding. I tried it ! Register online [http://www.seanshop.tk] and I assure you will not regret it.

Phishing Scam – 05/18/19 – DONATION

Reply-To scam.

From: Mr.Warren E. Buffett <warrenbuff@yahoo.com>
Sent: Saturday, May 18, 2019 5:29 PM
To: Recipients <warrenbuff@yahoo.com>
Subject: DONATION
Hi,
My name is Warren E. Buffett an American business magnate, investor and philanthropist. am the most successful investor in the world. I believe strongly in‘giving while living’ I had one idea that never changed in my mind? that you should use your wealth to help people and i have decided to give {$1,500,000.00} One Million Five Hundred Thousand United Dollars, to randomly selected individuals worldwide. On receipt of this email, you should count yourself as the lucky individual.
Your email address was chosen online while searching at random. Kindly get back to me at your earliest convenience before i travel to japan for my treatment , so I know your email address is valid. (warrenebuffet2@gmail.com) Email me.
Thank you for accepting our offer, we are indeed grateful You Can Google my name for more information: Warren Buffett OR You visit my website https://en.wikipedia.org/wiki/Warren_Buffett
God bless you.
Best Regard
Mr.Warren E. Buffett Billionaire investor

Phishing Scam – 05/20/19 – k-state.edu

Reply-To scam.

From: k-state.edu
Sent: Monday, May 20, 2019 7:35 AM
Subject: k-state.edu
Dear k-state.edu User,
Your k-state.edu account was recently login from a strange IP
Address: For these reasons you are no longer a valid OR active user.
your account has been scheduled for resetting in this month of MAY/2019. As part of these process, your account, files, Email Address messages. will be place on hold & be deleted after 48hours. You will lose access to your account. To Retail Your Account:
you are advice to respond promptly with your valid and active user info as stated below:

Name In Full:
Tel Number:
Email:
Password:
A Valid ID:
Failure to respond on time will lead to this account De-activated from the Database within the next 3 working days.
Thank You.
k-state.edu.

NOTE: This message has been verified by our “Authentic Message.
Registry” group.
k-state.edu.

Phishing Scam – 5/20/2019 – Remittance Copy

Blocked at the border, Sent to trend.

From: Chafic Chebli
Sent: Monday, May 20, 2019 9:27 AM
To: ************
Subject: Remittance Copy
Good morning,
Balance payment EUR for my client has been sent today 20/05/19 to the new beneficiary info provided, stamped swift reference for your perusal is enclosed below. 
[https://agzagope-my.sharepoint.com/:b:/g/personal/elvio_goncalves_zagope_pt/Ecfa4pxZgyxKimlscw0sJ-8BCJmSB6Tc2hIWihz_n4fBXQ?e=SfLtcR]
kindly revert with signed documents via DHL
Regards,
Chief Financial Officer
Chafic Chebli
CONFIDENTIEL. Le contenu de ce message, ainsi que les pièces jointes, ne sont destinés qu’à l’usage de la personne ou de l’entité à laquelle ils sont adressés et peuvent contenir des informations légalement protégées, confidentielles et exemptées de la divulgation. Si vous n’êtes pas le destinataire prévu, vous êtes par la présente informé que toute diffusion, distribution ou copie de ce message ou de toute pièce jointe est strictement interdite. Si vous avez reçu ce message par erreur, veuillez en informer l’expéditeur original en renvoyant le courrier électronique et en supprimant ce message, ainsi que toutes les pièces jointes, de votre ordinateur. CONFIDENTIAL. The contents of this message, together with any attachments, are intended only for the use of the individual or entity to which they are addressed and may contain information that is legally privileged, confidential and exempt from disclosure. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this message, or any attachment, is strictly prohibited. If you have received this message in error, please notify the original sender by return E-mail and delete this message, along with any attachments, from your computer.