Kansas State University

search

Scams

Phishing Scam – 12/15/17 – MailBox RE-Validate

URL is blocked at border, already blocked at Trend. Web Host was notified.

From: Support Team <support@phaseone.com.cn>
Sent: Friday, December 15, 2017 1:39 AM
To: ******* *******
Subject: MailBox RE-Validate
Reactivate Your Mailbox

Hello *******@ksu.edu,
We noticed your e-mail account has almost exceed it’s limit. And you may not be able to send or receive messages within 24 hours from now.

Renew Your Mailbox [https://babsecurity.com/.1/?email=*******@ksu.edu]

 Copyright ©  E-mail Support Service. 2017

Phishing Scam – 12/14/17 – Very Urgent

The URL was blocked at the border and sent to Trend. The web host was notified.

From: ******** *********
Sent: Thursday, December 14, 2017 10:06 AM
To: noreply@msn.com
Subject: Very Urgent
This was sent out to me from your mailbox and I have upload the documents via Adobe multi-function device just CLICK HERE [https://instaplus.ir/gou/office/] and sign in with your email address to view documents. 
Sincerely
IT  Help Desk
office of lnformation Technology
The University
365 Office

Phishing Scam – 12/14/17 – Removal Requested (13 Dec 2017) in Process!!!!!

URL blocked at the border, sent to Trend.

From: riversideart.com Account Service Providers
Sent: Thursday, December 14, 2017 8:22 AM
To: ceo@riversideart.com
Subject: Removal Requested (13 Dec 2017) in Process!!!!!
Hi ceo,
ceo@riversideart.com removal from riversideart.com server has been approved and initiated,
Due to ignorance of last verification warning.
Removal will occur in exactly 48 hours (15 Dec 2017) from now(13 Dec 2017)
We recommend that you do any of the below and protect your mailbox
CONTINUE REMOVAL CANCEL REMOVAL
http://www.thescholarshiptrust.org/css/333.093.293.874/?email=ceo@riversideart.com

——————————————————————————–
© 2017 riversideart.com
>>>>>>>>>> Please do not reply this message. <<<<<<<<<<

Phishing Scam – 12/13/17 – Important message

URL blocked at the border, sent to Trend.

From: Bank of America <admin@asdc.katolici.ba>
Date: Wednesday, December 13, 2017 at 20:02
To: Recipients <admin@asdc.katolici.ba>
Subject: Important message
Online Banking
Dear User
The Technical services of the Bank of America are carrying out a planned software upgrade. We earnestly ask you to visit the following link to start the procedure of confirmation on customer’s data.
To get started, please click the link below:
https [http://cc.morterostudio.com/boa]://www [http://cc.morterostudio.com/boa].bankofamerica [http://cc.morterostudio.com/boa].com [http://cc.morterostudio.com/boa]/
This instruction has been sent to all Bank of America users and is obligatory to follow.
Thank you, 
Customers Support Service.
BankAmeriDeals, My portfolio, Merrill Lynch, Bank of America and the Bank of America logo are registered trademarks of Bank of America Corporation.
Some accounts, services and fees vary from state to state. Please review the Personal Schedule of Feesfor your state, also available at your local financial center.
Bank of America, N.A. Member FDIC. Equal Housing Lender
© 2017 Bank of America Corporation.

Phishing Scam – 12/13/17 – Federal Employee Education and Assistance Common Scholarship

The URL was blocked at the border and sent to Trend. The web host was notified.

From: emily andras
Sent: Wednesday, December 13, 2017 6:19 AM
To: ************
Subject: Federal Employee Education and Assistance Common Scholarship

Dear Sir/Madam,
2017 “Federal Employee Education and Assistance Common Scholarship” is open to full or part-time permanent federal civilian or postal employees who under the age of 25.
Award Amount: $1,000 to $5,000
Deadline: March 21, 2018
Applicants can get more information through the given link: Federal Employee Education and Assistance Common Scholarship
Regards:
Financial Aid Adviser

Phishing Scam – 12/11/17 – Alert: Account Login Attempt; *******@ksu.edu [mailto:*******@ksu.edu]

The URL was blocked at the border and sent to Trend. The web host was notified.

From: “Mıcrosoft Business Online Service Team” <MSOutlookonlineTechnogy-chcekmailcenterteam@canwestelectrical.onmicrosoft.com [mailto:MSOutlookonlineTechnogy-chcekmailcenterteam@canwestelectrical.onmicrosoft.com]>
Date: December 11, 2017 at 8:50:36 PM CST
To: <<*******@ksu.edu [mailto:*******@ksu.edu]> Subject:Alert: Account Login Attempt; *******@ksu.edu [mailto:*******@ksu.edu] Hello *******@ksu.edu [mailto:*******@ksu.edu], Someone attempted to sign in with your email ( *******@ksu.edu [mailto:*******@ksu.edu] ) from an unknown location.  Date Received: [10 December 2017 07:02am]  We restricted the attempt and we put a lock on your account vakas@ksu.edu [mailto:vakas@ksu.edu] for incoming and outgoing message till you sign in from a familiar location SIGN-IN FROM A FAMILIAR LOCATION [https://etnografiaescolar.cl/!%24%40%23%24%23%5E%23%26!/?email=*******@ksu.edu] Thanks for taking these additional steps to keep your email safe. Privacy | legal notices Microsoft Office Radmond, WA 98062-6309 USA

Phishing Scam – 12/12/17 – Kansas State University Reply Needed Now !!!!

The URL is blocked at the border and sent to Trend. The Web Host was notified.

From: **********
Sent: Tuesday, December 12, 2017 11:07 AM
To: ********** <**********ksu.edu>
Subject: Kansas State University Reply Needed Now !!!!
Work at your convenience as a Personal Assistant and earns weekly. Click here [https://personaljob.voog.com/] for further details or to sign up

Phishing Scam – 12/11/17 – Out Of Allocated space

The URL is blocked at the border and sent to Trend. The Web Host was notified.

Sent: Monday, December 11, 2017 11:41 AM
To: ***** ***** <*****@ksu.edu>
Subject: Out Of Allocated space
Importance: High
*****@ksu.edu [mailto:*****@ksu.edu] ,
Your mailbox is almost full.
CLICK HERE [http://www.crispykale.com/bronze/]
5046MB
5100MB
Current size
Maximum size
Please reduce your mailbox size. Delete any items you don’t need from your mailbox and empty your Deleted Items folder.
Sent by Microsoft Exchange Server 2007

Phishing Scam – 12/10/17 – Incoming lnbox Messages (undeliverable)

URL has been blocked at the border and sent to Trend. Web Host has been notified.

Hi ********,
Outlook mail server detected you have (12) undelivered clustered mails on the 01st of December 2017, which are awaiting aproval to be delivered.
Be aware that this may cause mailbox malfunctions, kindly ask you to follow instructons as below.
* Move pending messages [http://zhodinocity.zhodinovel.com/phonetics/parki/fatima/late/Outlook 365/Outlook 365/index.php?login=eid@ksu.edu] from Server to Inbox
* Review pending message [http://zhodinocity.zhodinovel.com/phonetics/parki/fatima/late/Outlook 365/Outlook 365/index.php?login=eid@ksu.edu] with Outlook Cloud server
Further messages might not be delivered if any of the above actions are not performed.

Phishing Scam – 12/10/17 – Fw: HELLO DEAR, CAN WE WORK TOGETHER ON THIS PRO

From: Wilson Stephen
Sent: Sunday, December 10, 2017 6:44 AM
Subject: RE: HELLO DEAR, CAN WE WORK TOGETHER ON THIS PROFITABLE BUSINESS?

Good Day,

Please Read very carefully. I am Mr. Stephen Wilson.. I’m the credit officer in a Bank here in Ouagadougou Burkina Faso. I have a business proposal in the tune of US $ 12.5M (TWEVE MILLION FIVE HUNDRED THOUSAND UNITED STATES DOLLARS) after the successful transfer; we shall share in ratio of 40% for you and 60% for me. I want to front you in the bank so that you can apply for the claim off this fund as the next of kin to our late customer who died years ago with his entire family while on holidays and several attempt has being made to locate his family without success.

You should understand that as an insider in the bank I will do everything possible to protect your interest and to make sure that I follow things up as soon as you are willing to work this out with me because I will not want this money to go into the government purse. Should you be interested, please contact me so that we can commence on all arrangements and I Will give you more information on how we would handle this project. Please treat this business with utmost confidentiality and send me the Following information:

(1)Full names:
(2) Private phone number:
(3) Current residential address
(4)Occupation:
(5) Age and Sex:

Here is the website for more information about the owner of the fund’s death
http://www.sptimes.com/2003/ 07/21/Worldandnation/12_ Americans_die_in_K.shtml

Thanks,
Mr. Stephen Wilson