The Phish Market is a list of recent emails that were reported to the KSU Office of Cybersecurity as possible phishing attempts on the University community. The Office of Cybersecurity has confirmed these messages as malicious phishing attempts. If you have received an email that you believe may contain a phishing attempt, it is possible that some of the language and links differ from similar messages posted on the Phish Market. It is not uncommon for malicious actors to create variant messages.

We update this list regularly but it is possible that you received the message before it is published to the Phish Market.  If you mistakenly provided credentials to a confirmed phishing email, please change your NetID password immediately at https://netid.kennesaw.edu.  If you receive a suspicious email not in the Phish Market, please forward it to abuse@kennesaw.edu.

Email is the official method of communication at Kennesaw State University. All announcements and business related correspondence are conducted through official Kennesaw State University email accounts. Any email claiming to be an employee of the university that does not originate from an “@kennesaw.edu” address should be held in suspicion, especially if it claims to be from a person of leadership. Please follow the reporting instructions above if you receive suspicious emails that meet these criteria.

 

  • 2018-10-24 | Phish Market

    2018-10-24 | Phishing Message

    Subject: Re: [Name] past due amount

    Cannot show this email

    [link, green box]: Click here to view this message


    HTML delayed message: yxEn - Date: 10/21/2018 6:48:24 (kennesaw)

    • 2018-10-17

      2018-10-17 | Phishing Message

      Subject: [Name] - has shared a document with you.

      Hi there,

      [email]@kennesaw.edu- has invited you to view the document below via Docusign

      [link] View Document

      Enjoy!
      The DocuSign

      • Phishing email 2018-10-05

        2018-10-05 | Phishing Message

        Subject: Your password is [password]

        [password] is your password. Lets get right to point. You don't know me and you are most likely wondering why you are getting this e-mail? Not a single person has paid me to investigate about you.

        actually, I setup a software on the adult video clips (pornography) website and you know what, you visited this site to experience fun (you know what I mean). While you were viewing video clips, your web browser began functioning as a Remote Desktop with a key logger which gave me access to your display screen as well as cam. Right after that, my software program collected every one of your contacts from your Messenger, social networks, and e-mail . Next I made a video. First part shows the video you were watching (you've got a fine taste hahah), and second part displays the view of your web cam, yea it is you.

        You actually have 2 possibilities. Lets review these solutions in aspects:

        Very first solution is to skip this email message. In this situation, I will send your actual videotape to just about all of your contacts and also just imagine regarding the shame that you receive. Keep in mind if you happen to be in a committed relationship, just how it will affect?

        Other solution would be to give me $1000. Lets regard it as a donation. Subsequently, I will straight away discard your video. You will go forward your daily life like this never happened and you would never hear back again from me.

        You'll make the payment by Bitcoin (if you do not know this, search "how to buy bitcoin" in Google).

        BTC Address to send to: [BTC address]
        [CASE-SENSITIVE copy & paste it]

        In case you are wondering about going to the cops, surely, this email message cannot be traced back to me. I have dealt with my steps. I am also not attempting to demand a lot, I wish to be rewarded.

        You have one day in order to pay. I have a specific pixel within this message, and at this moment I know that you have read through this e mail. If I don't get the BitCoins, I will certainly send your video to all of your contacts including relatives, co-workers, and so forth. Nonetheless, if I receive the payment, I will erase the video right away. If you need evidence, reply Yea! and I will certainly send your video recording to your [number] contacts. This is a nonnegotiable offer, therefore do not waste my time & yours by responding to this mail.

        • Phishing 09-21-2018

          2018-09-21 | Phishing Message

          Subject: Re: To request Concur access

          Cannot show this message

          [link]: Click here to view full message


          HTML message delayed wsIZ - Date: 09/21/2018 [time] (kennesaw)

          • Phishing June 20, 2018

            2018-06-20 | Phishing Message

            Subject: PART TIME JOB

            Name of Company:
            Landor Associates 

            JOB TITLE:
            Advertise While Driving 

            JOB DESCRIPTION:
            We seek interested candidates to go about their normal routine with the advert of the "AUSTRALIAN OPEN 2019" on their Car 

            Qualifications:
            Must have a Car,Truck,Van or Motorcycle.. 

            SALARY:
            $250 weekly including $50 for gas

            Interested Candidates should contact
            [email]
            for more info

            Sincerely,

            Raymond
            Hiring Coordinator/Logistic Supervisor
            [phone number]
            [websites]

            • Phishing June 20, 2018

              2018-06-20 | Phishing Message

              Subject: [name] as Shared a file with you Using One Drive

              Hello,

              Please find attached the Look Ahead files for Monday June 18th,2018

              Open

              Kindly let me have your opinion

              • Phishing May 19, 2018

                2018-05-19 | Phishing Message

                Subject: Information Technology Services

                Notice to all Faculty, staff, and student.

                We have upgraded VPN client software, please click the login button to reactivate your Kennesaw State University VPN Service access.

                [link]

                This is a technology that allows Kennesaw State University VPN Service Faculty, Staff, Students, and Retirees to securely access theKennesaw State University VPN Service Network from anywhere with an Internet connection.

                All connections are logged and monitored. By accessing this system, you acknowledge that use of this and any other technology at Kennesaw State University VPN is subject to the terms of the Kennesaw State University VPN Conditions of Use and Policy on Computing Ethics

                • Phishing March 19, 2018

                  2018-03-19 | Phishing Message

                  Subject: Important Notice Update Your Account

                  Recently, we have detected something unusual on your account activity and results, we are upgrading our database server from our old server (No420134x) to the new server (No520193x) you will need to upgrade to our Web your account again to confirm your account details below.

                  Urges all e-mail users received the e-mail, update their e-mail accounts within 24 hours using the update link: Click Here: make sure your email account is the latest system requirements. 

                  Thank you for your kind cooperation.

                  Thank you,
                  Admin Portal
                  Copyright 2018 Microsoft Exchange Administrator Portal All Rights Reserved.

                  • Phishing March 15, 2018

                    2018-03-15 | Phishing Message

                    Subject: Verify Your Email Now To Avoid Close Down

                    Kindly verify your office365 in other for us to be sure you were the person who tried to login from a different

                    location so we need you to verify the login attempt for us to be sure and get your account secured .

                    Click here to verify now Click Here
                    .......................................................

                    Administrator
                    Information Technology.

                    • Phishing March 13, 2018

                      2018-03-13 | Phishing Message

                      Subject: Notice Mail

                      Kindly confirm that your account is still in use by clicking the validation
                      link below:

                      Validate Email Account

                      Sincerely
                      IT Help Desk
                      Office of Information Technology
                      Kennesaw State University

                      • Phishing March 12, 2018 - Example C

                        2018-03-12 | Phishing Message

                        Subject:

                        --
                        Attention!!!

                        We have recently confirmed that your mailbox has exceeded the limit
                        of 30 GB, which is as set by your manager and your are currently at
                        30.9 GB. Different computers have logged into your mailbox account
                        and multiple password errors have been entered. We are hereby
                        suspending your account.

                        Click Here to help you Manage your account:
                        [link]

                        ITS Help Desk,
                        webmail.kennesaw.edu,
                        2018. All Rights Reserved.

                        • Phishing March 12, 2018 - Example C

                          2018-03-12 | Phishing Message

                          Reply-To: <[email address]>

                          Hello,

                          We invite you to participate in this profitable and less stressed Job Offer. because you are a student, employee, retiree of this University and it would never disturb your academics as a student or disturb your work as a staff and just in a week you'll earn a sum of $250 for a job well done. Kindly give it a benefit of doubt and you would never regret.
                          We have about 52 Student who has benefited from this over 6 weeks it has been introduced to the school.

                          Market Force

                          ABOUT US: Market Force is a market research company, we use Mystery shopping or Mystery Consumer to measure quality of retail service or gather specific information about products and services. We work with some of the largest, reputable businesses in the world; from fast food to petroleum, technology or fashion retailers and more.

                          JOB DESCRIPTION: You will be required to conduct an all expenses paid surveys and evaluation exercises on behalf of Mystery America. Your job will be to evaluate and measure quality of retail service or gather specific information about products and services.

                          As our mystery shopper posing as normal customers, you will expected to perform specific tasks such as purchasing a product or using a service.

                          • Phishing March 12, 2018 - Example A

                            2018-03-12 | Phishing Message

                            Subject:

                            --
                            Attention!!!

                            This is an important message from webmail.kennesaw.edu Information
                            Technology. Our records indicate your account section has expired.
                            Therefore, your account has been scheduled for deletion on this Month
                            of MARCH, 2018. As part of this process, your account, files, email
                            address messages etc, will be deleted. To Retail Your Account, Click
                            Here to help you Manage your account:

                            [link]

                            ITS Help Desk,
                            webmail.kennesaw.edu,
                            2018. All Rights Reserved.

                            • March 1, 2018

                              2018-03-01 | Phishing Message

                              Re: [name]

                              Dear [name],

                              Congratulations! You are invited to join Honor Society. Our records indicate that you have not yet accepted your Honor Society membership and benefits.

                              Accepting this distinction connects you with like-minded high achievers from your region and across the nation, both in person and through our society's web portal. Honor Society is a lifetime network, built to help you succeed. Your satisfaction as a member is our highest priority and guaranteed. Take a moment to activate your membership now:

                              [name]:

                              Activate your Honor Society Membership

                              etc. etc.

                              • Feburary 21st, 2018 Phishing Message

                                2018-02-21 | Phishing Message

                                Paid Invoice

                                I was following up to find out when we can expect payment on the attached invoice.
                                Thanks!

                                [link]

                                [sender's email address]

                                • Feburary 16th, 2018 Phishing Message

                                  2018-02-16 | Phishing Message

                                  RE: Support.

                                  Notice from Support!, All employees are advised to manually update their web server to complete the update process and migrate to the new version of Microsoft web mail service. CLICK HERE TO PROCEED

                                  IT Support
                                  Webmail Center.
                                  © Copyright 2018 Support.
                                  All right Reserved.
                                  ************************** IMPORTANT NOTICE: This e-mail message and all attachments, if any, may contain confidential and privileged material and are intended only for the person or entity to which the message is addressed. If you are not an intended recipient, you are hereby notified that any use, dissemination, distribution, disclosure, or copying of this information is unauthorized and strictly prohibited. If you have received this communication in error, please contact the sender immediately by reply e-mail, and destroy all copies of the original message.

                                  • January 31st, 2018 Phishing Message

                                    2018-01-31 | Phishing Message

                                    Undisclosed Message

                                    You have (1)important unread messages from Kennesaw State University, Click on View to read it.

                                    • November 11, 2017

                                      2017-11-10 | Phishing Message

                                      RE: Capital One Reminder

                                      Dear Capital One Customer

                                      Your Capital One Bank Internet Banking has been temporary suspended.

                                      We require you to Unlock your account: Unlock Access

                                      Sincerely
                                      Samuel S. Olens| Capital One Security Department

                                      • November 11, 2017 Phishing Message

                                        2017-11-10 | Phishing Message

                                        RE: Reminder

                                        Dear Capital One Customer

                                        Your Capital One Bank Internet Banking has been temporary suspended

                                        We require you to Unlock your account: Unlock Access

                                        Stephanie Paynter
                                        Capital One Security Department

                                        • November 11, 2017 Message

                                          2017-11-10 | Phishing Message

                                          RE: IMPORTANT

                                          Dear Capital One Customer

                                          Your Capital One Bank Internet Banking has been temporary suspended.

                                          We require you to Unlock your account: Unlock Access

                                          Sincerely
                                          Samuel S. Olens| Capital One Security Department

                                          • November 11, 2017 Phishing Mesaage

                                            2017-11-10 | Phishing Message

                                            Hello

                                            Hello

                                            I am Miss. Georgiana Kuasi, the only daughter of late Chief and Mrs. Donald Kuasi, I am 20 years old my father was a gold merchant in Aviory Coast, my both parents died on February 2014 in a fatal motor accident.

                                            After the death of my parents, I discovered documents which show he deposited the sum of (Us 5 Million Dollars) in a Bank, and he used my Name Georgiana Kuasi as his only daughter for the Next of Kin as writing in the deposit document.

                                            Dear, I am seeking for your assistance in the following ways:

                                            (1) To help me retrieve the fund from the Financial Institution and provide a bank account into which this money would be transferred to.

                                            (2) To serve as a guardian of this fund and help me invest it in a lucrative venture.

                                            I am willing to offer you 20% of the total sum as compensation and another 5% will be set aside for any expenses. Please respond if you are willing to assist me, I will give you further information immediately I received your response.

                                            Anticipating hearing from you.

                                            Your's

                                            Georgiana Kuasi.

                                            ©