Phishing Scam – 5/5/16 – IT Service Desk Support.

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: “Wang, Jenny” <Jenny.Wang@tdsb.on.ca>
Subject: RE: IT Service Desk Support.
Date: Thu, 5 May 2016 17:02:09 +0000

ATTN: Outlook Web Access User,
Take note of this important update that our new webmail has been improved with a new messaging system from Outlook Web Access which also include faster usage on email, shared calendar,web-documents and the new 2016 anti-spam version. Please use the outlook web access link below to complete your update for our new Outlook Web Access improved webmail.

CLICK HERE TO UPDATE <http://ljcipkh69.ulcraft.com/>

NOTE: Failure to do this within 24 hours of receiving this notice we will immediately render your Outlook Web App account deactivated from our database and you cannot hold us responsible since you fail to adhere to our request.
___________________
Regards,
IT Service Desk Support.

Admin Team.

Posted in Phishing Scams | Comments Off on Phishing Scam – 5/5/16 – IT Service Desk Support.

Phishing Scam – 05/05/16 – Final warning!! Your Email Quota Exceeded!!

Origin ISP and Web host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: www-data@test.emmerson-evaluation.pl
Sent: Thursday, May 05, 2016 7:19 AM
Subject: Final warning!! Your Email Quota Exceeded!!
Dear User
Please Quickly Update Your WebMail Email Account For Security Reason. Login
Click To Update [http://spraymaster.eu/tmp/domain.htm]
We strongly advice you to prevent your account from being Terminated.
Customer Service
WebMail Team©

Posted in Phishing Scams | Comments Off on Phishing Scam – 05/05/16 – Final warning!! Your Email Quota Exceeded!!

Phishing Scam – 5/3/16 – FROM YOUR EMAIL ADMIN-UPGRADE NOW!

Origin ISP and Web host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: ******** ********<********@ksu.edu>
To: “Email@security.com” <Email@security.com>
Subject: FROM YOUR EMAIL ADMIN-UPGRADE NOW!
Date: Tue, 3 May 2016 17:27:23 +0000

Dear Users,
You have exceeded your email storage capacity. 0.3bits is all you have and cannot be able to receive emails with attachment or send emails. Click here to add up free 20GB storage and protect your account [http://jehansen.dk/wp-content/webmail/webmail.htm]
If not gotten from you in the next 24 hours, We shut down your mail account,  Until after proper verification before you can access you mail account again…
Thanks.
******** ********
© 2016 Webmail Domain security.

Posted in Phishing Scams | Comments Off on Phishing Scam – 5/3/16 – FROM YOUR EMAIL ADMIN-UPGRADE NOW!

Phishing Scam – 5/2/16 – IT Admin Message!!!‏

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: “Beige, Diane” <Diane.Beige@suffolkcountyny.gov>
Subject: IT Admin Message!!!
Date: Mon, 2 May 2016 16:58:15 +0000

Your Password Expires in 2 hour(s) You are to change your Password below via the ACCOUNT MANAGEMENT PAGE.
Click on CHANGE-PASSWORD [http://owaapp.sitey.me/]
If Password is not change in the next 2 hour(s) Your next log-in Access will be declined.
If you do find any difficulties to Change Password, quotas, accessing files or missing files please contact the ITS Helpdesk
Regards,
IT Services

Posted in Phishing Scams | Comments Off on Phishing Scam – 5/2/16 – IT Admin Message!!!‏

Phishing Scam – 4/20/16 – ** Mail Alert **

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: Outlook App Alerts <outlook.mail.app.alerts@nau.edu>
Subject: ** Mail Alert **
Date: Sat, 30 Apr 2016 22:22:20 -0400

***** Mail Alert *****
Our system could not verify the current senders name linked with this account. Due to this problem, you will be unable to send new messages until you have this error resolved.
Click here to resolve this error [http://primenumerics.com/webinar/webmail.htm]
We apologize for any inconveniences this may have caused.

Posted in Phishing Scams | Comments Off on Phishing Scam – 4/20/16 – ** Mail Alert **

Phishing Scam – 04/29/16 – Action Required

The URL is not active and is blocked at the border. The URL was submitted to Trend.

From: TIAA-CREF [noreply.accountsdept@tiaa.org [mailto:noreply.accountsdept@tiaa.org]]
Sent: Friday, April 29, 2016 2:02 PM
To: XXXX
Subject: Action Required
[tiaa logo]
During our regular scheduled maintenance of our systems, your account was flagged for having a long period of inactivity.
For security reasons, inactive accounts are disabled after a long period of time.
To prevent this from occurring, you are required to immediately login to your account with the attached link provided below
Please Click to access the restoration link
Please Note:
You are not required to perform any transaction or activity after login. If your account is indeed active, you are still required to log in with the attached link provided above to take your account off the flag list. You are required to login to your account once every three months to indicate use of your Merrill Lynch online service.
Protecting the security of your account is our primary concern, and we apologize for any inconvenience this may have caused you.
N.B: You will receive one more notification from us before your account is disabled. If you don’t receive this notification, it indicates your account has been unflagged and is fully active.
Sincerely.
Account Review Department
TIAA-CREF
Investment, insurance and annuity products are not FDIC insured, are not bank guaranteed, are not deposits, are not insured by any federal government agency, are not a condition to any banking service or activity, and may lose value.
??
TIAA does not provide legal or tax advice. Please consult your tax or legal advisor to address your specific circumstances.
??
TIAA-CREF Individual & Institutional Services, LLC, Teachers Personal Investors Services, Inc., and Nuveen Securities, LLC, Members FINRA?? and SIPC, distribute securities products. Annuity contracts and certificates are issued by Teachers Insurance and Annuity Association of America (TIAA) and College Retirement Equities Fund (CREF), New York, NY. Each of the foregoing is solely responsible for its own financial condition and contractual obligations.
??
??? Deposit and lending services and products are provided by TIAA Direct??, a division of TIAA-CREF Trust Company, FSB. Member FDIC. Equal Housing Lender Equal Housing .
Teachers Insurance and Annuity Association of America is domiciled in New York, NY, with its principal place of business in New York, NY. Its California Certificate of Authority number is 3092.
??
TIAA-CREF Life Insurance Company is domiciled in New York, NY with its principal place of business in New York, NY. Its California Certificate of Authority number is 6992.
Read the TIAA-CREF Individual & Institutional Services, LLC unaudited Statement of Financial Condition as of December 31, 2015 .
Read the Statement of Financial Condition (Unaudited) June 30, 2015 .
??2016 and prior years, Teachers Insurance and Annuity Association of America – College Retirement Equities Fund (TIAA-CREF), New York, NY 10017.
*************************************************************************
This e-mail may contain confidential or privileged information.
If you are not the intended recipient, please notify the sender immediately and then delete it.
TIAA
*************************************************************************

Posted in Phishing Scams | Comments Off on Phishing Scam – 04/29/16 – Action Required

Phishing Scam – 04/28/16 – Weaning

The URL was active and is blocked at the border. The URL was submitted to Trend. The web host and ISP were notified.

From: ahronicek <ahronicek@mail.csuchico.edu>
Sent: Thursday, April 28, 2016 2:12 PM
Subject: Weaning
Your mailbox has exceeded the storage limit set by your administrator, You may not be able to send or receive new email until you re-validate your mailbox To re-validate your mailbox please CLICK HERE [http://webmailoutlook-com.jimdo.com/] System Administrator.

Posted in Phishing Scams | Comments Off on Phishing Scam – 04/28/16 – Weaning

Phishing Scam – 4/28/16 – HelpDesk

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: ******** ******** <********@ksu.edu>
Subject: HelpDesk
Date: Thu, 28 Apr 2016 16:09:02 +0000

Your e-mail account was LOGIN today by Unknown IP address,click on the Administrator link below to validate your e-mail account or your account will be temporary block for sending more messages.

CLICK LINK BELOW:
http://422130.livecity.me/

Posted in Phishing Scams | Comments Off on Phishing Scam – 4/28/16 – HelpDesk

Phishing Scam – 4/27/16 – HelpDesk

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: ******** ******** <********@ksu.edu>
To: “info@helpdesk.edu” <info@helpdesk.edu>
Subject: HelpDesk
Date: Wed, 27 Apr 2016 11:19:53 +0000

Click on the Administrator link below and LOGIN to validate and Verify your e-mail account or your account will be temporary block for sending more messages.
CLICK LINK BELOW
http://webmail-helpdesk.sitey.me/

Posted in Phishing Scams | Comments Off on Phishing Scam – 4/27/16 – HelpDesk

Phishing Scam – 4/26/16 – Upgrade and Verify your Emaile

Origin ISP and Web Host have been notified. URL is active and blocked at the border. URL has been submitted to Trend.

From: webmail Admin <webmail-admin000001@comcast.net>
Subject: Upgrade and Verify your Email
Date: Tue, 26 Apr 2016 17:09:54 +0000

Dear Users, 
You have exceeded your email storage capacity.
0.3bits is all you have and cannot be able to receive emails with attachment or send emails.

Click here to add up free 20GB storage and protect your account [http://www.degoedereede.be/css/webmail/webmail.htm]

If not gotten from you in the next 24 hours, We shut down your mail account,

Until after proper verification before you can access you mail account again… 

Thanks.
© 2016 Webmail Domain security.

Posted in Phishing Scams | Comments Off on Phishing Scam – 4/26/16 – Upgrade and Verify your Emaile