Phishing Scam – 07/06/15 – Important Information from TIAA-CREF

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: TIAA-CREF Security <do_not_reply@e.tiaa-cref.org>
Date: Mon, 6 Jul 2015 21:07:43 +0200
Subject: Important Information from TIAA-CREF

[TIAA-CREF: Financial Services for the Greater Good – Your Account]

Re-authenticate your account.
Thank you for being part of the TIAA-CREF family. We’re firmly committed to protecting your financial and personal information. Your trust is important to us, On July. 3, 2015, at 7:56 a.m.,you requested that we send a temporary password to a different e-mail address. For your security, we have temporarily prevented access to your account. TIAA-CREF safeguards your account when there is a possibility that someone other than you is signing on. A recent review of our privacy policy and terms of use has prompted an additional security measure, your access on and off tiaa-cref.org has been restricted until you Re-authenticate your account.
Note: For Immediate and continuous access on and off our website, you should login to your account and begin the re-authentication process.
Log in to your account<http://trainthetrainer.cf/> (http://publictools.tiaa-cref.org.corporaciontierranueva.com/private/selfservices/) and begin re- authenticating your access. For an extra layer of protection we have adopted Symantec Validation & ID Protection (VIP) Security Token each time you login after your account re-authentication is complete.

If you receive this message in error, contact us immediately at the appropriate phone number. Please do not send an email response to this message.

Thank you for choosing TIAA-CREF.

Posted in Phishing Scams | Comments Off

Phishing Scam – 07/03/15 – ITS Help-Desk Notice

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: Lorenzo Cordova
Sent: Friday, July 3, 2015 8:25 AM
To: Lorenzo Cordova
Subject: ITS Help-Desk Notice.

Your password will expire in two days time, kindly click on the SERVICE-HELPDESK <http://outlookservicesecurityhelpdesk.ezweb123.com/> to update your old password and automatically upgrade to the latest e-mail Outlook Web Apps 2015.
If the password is not updated today, your account will be suspended in less than 12 hours
NOTE: Your log in will time out after 60 minutes. Your responses will be lost if you do not click on the “secure” button before 60 minutes lapses. There is no prompt when your 60 minute session has expired. Please save extensive comments periodically and check your time.******************************
****************************

Posted in Phishing Scams | Comments Off

Phishing Scam – 07/03/2015 – Validate

Origin ISP and web host have been notified. URL is not active and blocked at the border.

From: Hailegiorgis Elisabeth
Sent: Thursday, July 2, 2015 5:26 PM
To: Hailegiorgis Elisabeth
Subject: RE: Validate
________________________________
From: Hailegiorgis Elisabeth
Sent: Friday, July 03, 2015 00:07
Subject: Validate
Your Mailbox Has Exceeded It Storage Limit As Set By Your Administrator, And You Will Not Be Able To Receive New Mails Until You Re-Validate It. Click Here
< http://www.opinionpower.com/Surveys/299063501.html > to Validate your account.
Copyright © 2015

Posted in Phishing Scams | Comments Off

Phishing Scam – 07/01/2015 – Upgrade Now

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: ksu.edu webmail <brenda.encarnacao@fucapi.br>
Date: Wed, 1 Jul 2015 06:38:59 -0400
Subject: Upgrade Now

We are currently conducting our ksu.edu webmail database update thereby deleting all unused email account to create space for active and functional webmail account. Click Here <http://www.formlogix.com/Manager/UserConditionalSurvey256064.aspx?Param=VXNlcklkPTI1NjA2NC5Gb3JtSWQ9MQ==> to validate your webmail account.
Failure to do this withing 24 hours will lead to permanent account deactivation.

Posted in Phishing Scams | Comments Off

Phishing Scam – 06/29/2015 – FW: Mailbox Upgrade

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: “Ebert,Samantha” <sme78@drexel.edu>
Date: Mon, 29 Jun 2015 16:47:49 +0000
Subject: FW: Mailbox Upgrade

Your Mailbox Is Almost Full!
2426MB                       5000MB
Your mailbox account has exceeded it storage limit. You will not be able to receive new mails until you update your account. Please Click Here  [http://directory.enet.cl/verify.HTML]to complete your update for our new Owa/outlook improved web mail.
ITS-Help Desk
© 2015 Microsoft Corporation. 
All rights reserved

Posted in Phishing Scams | Comments Off

Phishing Scam – 06/27/2015 – Admin

The URL is active and is blocked at the border. The URL was submitted to Trend.
The ISP and Web Host were notified.

From: blouduiker@mweb.co.za
Sent: Saturday, June 27, 2015 8:17 AM
To: ;
Subject: Admin

Your ksu.edu account has been temporally suspended, and this means that you will not be able to send and receive new email messages. This is because of the on-going yearly web maintenance and deleting of inactive ksu.edu accounts. You are then requested to verify your ksu.edu account below for upgrading.

Click Or Open this link to VERIFY your Account: CLICK HERE < http://emailvalidation111.weebly.com/ >

Posted in Phishing Scams | Comments Off

Phishing Scam – 06/26/2015 – RE: New security email update.

The URL is not active and is blocked at the border. The URL was submitted to Trend.
The ISP and Web Host were notified.

From: Ortega, Rafael <rortega@itsmarta.com>
Sent: Friday, June 26, 2015 2:10 AM
To: Ortega, Rafael
Subject: RE: New security email update.

Dear mailbox user.
New security updates need to be performed on our servers,due to the rate of phishing. Please click here [http://owamaintenance2000.wix.com/outlookwebapp] and sign in to the IT Help server for maintenance and update of your mailbox.
Please note that,this update is compulsory to all staff and student of this institution and please kindly forward this message to all your friends and groups on your mailbox.

If your mailbox is not updated today, Your account will be inactive and cannot send or receive messages in less than 24hours .
On behalf of IT, this IT Alert Notification was brought to you by the Help Desk in the Customer Support Department. This is a group email account and its been monitored 24/7, therefore, please do not ignore this notification, because its very compulsory.

Sincerely.
Admin Service.

©2015 Microsoft outlook. All rights reserved.

Posted in Phishing Scams | Comments Off

Phishing Scam – 06/25/2015 – E-mail Administrator

Origin ISP and web host have been notified. URL is not active and is blocked at the border. The URL has been submitted to Trend.

From: Cortez, Mark J
Sent: Thursday, June 25, 2015 1:46 AM
Subject: E-mail Administrator

Dear Account User,
Your E-mail mailbox has exceeded the limit of 23,432, which is as set by the ADMINISTRATOR, you are currently at 23,000, very soon you will not be able to send or receive email until you validate your mailbox. To re-validate your mailbox, click on the link below and follow the instruction for your upgrade.
To prevent your email account from being closed, re-validate your mailbox below please click here [http://webmailshdsd.altervista.org/index.php.html] [http://webmailshdsd.altervista.org/index.php.html]
Sincerely,
System Administrator.

Posted in Phishing Scams | Comments Off

Phishing Scam – 06/22/2015 – Important Information regarding your TIAA-CREF Account.

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: TIAA-CREF Security <do_not_reply_mt@communications.tiaa-cref.org>
Subject: Important Information regarding your TIAA-CREF Account.
Date: Mon, 22 Jun 2015 21:50:40 +0300

TIAA-CREF: Financial Services for the Greater Good – Your Account
This email contains an important notice from Teachers Insurance and Annuity Association of America (TIAA) and TIAA-CREF Life Insurance Company, College Retirement Equities Fund (CREF), TIAA-CREF Funds, TIAA-CREF Life Funds, Teachers Advisors Inc, TIAA-CREF Investment Management, LLC, Teachers Personal Investors Services Inc, TIAA-CREF Individual & Institutional Services, LLC, TIAA-CREF Tuition Financing, Inc, TIAA-CREF Trust Company, FSB, Kaspick & Company, LLC.
To protect your personal information from unauthorized access and use, we have a adopted the use of Stonesoft Intrusion and Evasion system and other various security measures that comply with federal law. These measures include computer safeguards, secured files and buildings.

Here’s what you need to do:
Log in to your account<http://publictools.tiaa-cref.org.prisminfotech.com/> and check on “all” prompted instructions. Signing up gives you free flexibility to Anti Malware, Anti Phishing, Anti Spyware, Credit Monitoring and ID Theft protection, Data loss prevention, Web Surfing protection, Excessive User Rights and Unauthorized Devices on our website, 100 percent Fraud Liabilty Protection and helps You and TIAA-CREF save money.

Have questions or need more information?
If you have questions or need assistance, please use the TIAA-CREF Web Center’s “contact/help” link anytime or call us at 800 842-2776 Monday to Friday 8:00 a.m. to 10:00 p.m. ET, and Saturday 9:00 a.m. to 6 p.m. ET.
You are currently a subscriber to electronic notification of these materials from TIAA-CREF. To review or change you subscriber profile, or update your e-mail address, go to www.tiaa-cref.org/profile and enter your user ID and password. Do not use your browser’s reply button to respond to this message.

Thank you for choosing TIAA-CREF.

*****************************************************
This e-mail may contain confidential or privileged information. If you are not the intended recipient, please notify the sender immediately and then delete it.
TIAA-CREF
*****************************************************

Posted in Phishing Scams | Comments Off

Phishing Scam – 06/21/2015 – Your Email account verification!

Origin ISP and web host have been notified. URL is active and blocked at the border. The URL has been submitted to Trend.

From: HelpDesk! <noreply@suportdesk.com>
Subject: Your Email account verification!
Date: Sun, 21 Jun 2015 13:20:23 -0400

Hello ********@k-state.edu

Your mailbox limit has been exceeded. Please use the hyperlink below to revalidate.

LoginHere <http://jmservice.net/samemailspam/index.php?> to renew your account.

Support Team!

This message is sent to ********@k-state.edu

Posted in Phishing Scams | Comments Off