Kansas State University

search

Scams

Phishing Scam – 06/25/2018 – K-State eID Verification process

URL is blocked at the border, sent to Trend. Web Host notified.

Email Body:

Dear eid@k-state.edu,

Your access to K-State’s information technology resources has been upgraded upon your affiliation with Kansas State University.
Please contact the IT Help Desk : https://eid.k-state.edu (http://lwv-wbla.org/wordpress/wp-content/plugins/css-ready-selectors/ksumail.php?email=********@k-state.edu)

For more information about the technology resources available at K-State, see: http://www.k-state.edu/its/welcome/

Thank you,

K-State IT Help Desk

214 Hale Library, Manhattan, Kansas

helpdesk@k-state.edu

785-532-7722

Phishing Scam – 6/25/2018 – Clean Up Mailbox

URL is blocked at the border, sent to Trend. Web Host notified.

From: ******* *******
Sent: Monday, June 25, 2018 11:25:06 AM
Subject: Clean Up Mailbox
Action required: User Mailbox temporary disabled
Dear user,
Your email have been scheduled for deletion because of violation of our terms and conditions. 
To reactivate:
Sign in to your account using the mailbox retriever page [https://microsoft-home.page4.me/].
Note: If you don’t take any action, your email and all its contents will be deleted.
Thank you,
Service Help Desk Team.

Phishing Scam – 06/22/18 –

Reply-To-Email type of scam.

From: <sophie.naous@chu-lyon.fr [mailto:sophie.naous@chu-lyon.fr]>
Date: June 22, 2018 at 6:57:31 PM CDT
To: <sophie.naous@chu-lyon.fr [mailto:sophie.naous@chu-lyon.fr]>
You have been Picked. For more info write {maiyboldn777@hotmail.com [mailto:maiyboldn777@hotmail.com]}

Phishing Scam – 06/22/18 – RE : ICT HELP DESK

URL is blocked at the border, sent to Trend. Web Host notified.

From: WYTS William (UD095) [mailto:william.wyts@direccte.gouv.fr]
Sent: Friday, June 22, 2018 10:31 AM
To: WYTS William (UD095) <william.wyts@direccte.gouv.fr>
Subject: RE : ICT HELP DESK
Welcome to the new outlook web app for Staff
Migrate to The new Outlook Web app for Staff is the new home for online self-service and information and additional storage.
Click on GATEWAY​ [https://securewebcc.ga/] and login to:
·                     Access the new staff directory
·                     Access your pay slips and P60s
·                     Update your ID photo
·                     E-mail and Calendar Flexibility 
·                     Connect mobile number to e-mail for Voicemail
Everyone is advise to migrate immediately.
Regards
Help Desk Support Team

Phishing Scam – 06/21/18 – Mailbox Out of Space

Blocked at the border, sent to Trend. Web host notified.

From: IT Help desk <kctudeka@ug.edu.gh>
Sent: Thursday, June 21, 2018 10:05 AM
To: IT Help desk
Subject: Mailbox Out of Space
Action required: User Mailbox temporary disabled
Dear user,
Your email have been scheduled for deletion because of violation of our terms and conditions. 
To reactivate:
Sign in to your account using the mailbox retriever page [http://outhlp.moonfruit.com/].
Note: If you don’t take any action, your email and all its contents will be deleted.
Thank you,
Service Help Desk Team.

Phishing Scam – 06/18/18 – Email Selected

Reply-to-email type phishing scam.

From: Meza Suarez, Juan
Sent: Monday, June 18, 2018 6:19 PM
To: info@mavisl.com
Subject: Email Selected
Dear Lucky One.
You have Been donated the Sum of 2,000.000,00 US dollars in the on-going Mavis L. Wanczyk charity scheme. Send your full details for claims to this E-mail Address: maviswanczykclaims@gmail.com
Below is the details you are to send for claims.
Name:
Address:
Mobile:
Country of Residence:
E-mail Address:
Thanks,
Mavis L. Wanczyk

Phishing Scam – 06/18/18 – Action Required: Some of your message has not been sent Successfully

Blocked at the border, Trend classified as dangerous.

From: Office Mail Delovery System
Sent: Monday, June 18, 2018 11:46 AM
To: ******* <*******>
Subject: Action Required: Some of your message has not been sent Successfully
Importance: Low
 Error Sending Your Message
Action Required
Hi ******* [mailto:*******] ,
Our Mail Server At Office Exchange encountered while trying to send some of your messages this failure which left Most of your mails undelivered. Some of your mails were affected and can be resent now.
Click here to Resend messages [https://vaporesso.ml/rdirect.php?m=*******]
Further messages might not be deIivered if any of the above actions are not taken.
Microsoft Office Network
Manage your account online [http://www.e-rewards.com/home.do].
Contact us [http://www.e-rewards.com/contactus.do] if you have any issues.
Read our Member Agreement [http://www.e-rewards.com/memberagreement.do] and Privacy Policy [http://www.e-rewards.com/privacypolicy.do].
Please do not reply to this email.
©2018 Research Now Group, Inc. 5800 Tennyson Parkway, Suite 600, Plano, TX 75024
e-Rewards and the e-Rewards logo are trademarks of Research Now Group, Inc. All rights reserved.

Your Email Access have been restricted 6/16/2018

The URL is blocked at the border, sent to Trend. Web Host was notified.

From: ******* *******
Sent: Saturday, June 16, 2018 1:56:49 PM
Subject: Your Email Access have been restricted
Your Email Access have been restricted, An Attempt has been made to sign-In your account from a new computer, If you do not validate your account within 24 Hours, You will not be able to send or receive new mail until you re-validate your mailbox. prior to maintain your INBOX. CLICK HERE [https://www.emailmeform.com/builder/form/z7vobetAK9dg5mfqa1dUe] to Verify. Warm Regards, Web-mail Administrator

Phishing Scam – 06/15/18 – EMERGENCY

The URL is blocked at the border, sent to Trend. Web Host was notified.

From: ******** ********
Sent: Friday, June 15, 2018 6:53 AM
Subject: EMERGENCY
EMERGENCY Your Email Access have been restricted, An Attempt has been made to sign-In your account from a new computer, If you do not validate your account within 24 Hours, 
You will not be able to send or receive new mail until you re-validate your mailbox. prior to maintain your INBOX. CLICK HER [https://www.emailmeform.com/builder/form/LA611e9d74gNuhS866f2vbF]E to re-validate. 
Warm Regards, Webmaster Administrator
To stop receiving messages from Position Description Team [https://outlook.office365.com/owa/positiondescriptionteam@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=conversations] group, stop following it [https://outlook.office365.com/owa/positiondescriptionteam@KSUemailProd.onmicrosoft.com/groupsubscription.ashx?realm=KSUemailProd.onmicrosoft.com&source=EscalatedMessage&action=unsubscribe].