The Phish Market is a list of recent emails that were reported to the KSU Office of Cybersecurity as possible phishing attempts on the University community. The Office of Cybersecurity has confirmed these messages as malicious phishing attempts. If you have received an email that you believe may contain a phishing attempt, it is possible that some of the language and links differ from similar messages posted on the Phish Market. It is not uncommon for malicious actors to create variant messages.

We update this list regularly but it is possible that you received the message before it is published to the Phish Market.  If you mistakenly provided credentials to a confirmed phishing email, please change your NetID password immediately at https://netid.kennesaw.edu.  If you receive a suspicious email not in the Phish Market, please forward it to abuse@kennesaw.edu.

Email is the official method of communication at Kennesaw State University. All announcements and business related correspondence are conducted through official Kennesaw State University email accounts. Any email claiming to be an employee of the university that does not originate from an “@kennesaw.edu” address should be held in suspicion, especially if it claims to be from a person of leadership. Please follow the reporting instructions above if you receive suspicious emails that meet these criteria.

Cyber Security Smart Cookie Award

In recognition of National Cybersecurity Awareness Month, UITS is proud to announce the launch of the Cybersecurity Smart Cookie Award. The award is a small token of appreciation for those individuals who have contributed to the cybersecurity of Kennesaw State University through their proactive action, ultimately assisting UITS in the detection and management of risks.

 And, for the month of October, the Department with the highest percentage of cybersecurity smart cookie award winners will be awarded a Great American Cookie on October 31st!

Cyber Security Digital Badge

cybersecure-badgeShow your friends and colleagues your "cyber-prowess!" You can earn digital badges to be awarded based upon completing cyber-security-related activities. Each activity is associated with increasing awareness of cyber security threats. Each badge level will reinforce your critical role as a user in the security of institutional information and systems. Each badge expires annually.

 

  • 2019-13-09

    2019-09-13 | Phishing Message

    From: [Name] [email]@students.kennesaw.edu
    Sent: Friday, September 13, 2019 3:41 PM
    Subject: Administrative Assistant Needed From the HR Dept.....

    Dear Valuable Applicant this is a Part time job offer that will earn you $350 weekly and allowance of $50 by working from anywhere of your choice and 6-8 hrs weekly job description includes data entry and bookkeeping you are required to [text link] Apply here
    or send a copy of your resume to [email] you will be contacted within 24hrs of signup thank you

    • 07-08-2019

      2019-07-27 | Phishing Message with Link(s)

      From: Jax Jordan <jax@civilemployeeretirementassisting.com>
      Sent: Saturday, July 27, 2019 5:30 PM
      To: <_____________> <____________@kennesaw.edu>
      Subject: TRS/ORP Assistance for Kennesaw State University Personnel

       

      Employee [Recipient Name],

      Each year, as an employee of Kennesaw State University you are eligible to receive a free one-on-one consultation for answers to your specific state, federal and individual retirement benefit questions.

      At your consultation, you will be provided with information that will tell you what your expected income will be from TRS/ORP when you retire, and how much longer you will have to work. That, along with advice on the best ways to utilize your 401(a) options with your TRS/ORP and/or Social Security benefits.

      Appointments fill up quickly. If you’d like to secure your spot, click on the link below, or simply reply “yes” to this email.

      [Message link]

      All licensed representatives are not employees of the college or TRS/ORP.

      To opt out of future mailings, click on the following link:
      [Unsubscribe message link]

      • 05-06-2019

        2019-05-06 | Phishing Message with Link

        From:  <___________@___.edu>
        Sent: Monday, May 6, 2019 3:20:04 PM

        To: coles_staff
        Subject: coles_staff

         [Contains link to phishing page as seen in image]
         ... 
        [Message clipped] View entire message

        This e-mail may contain information that is privileged and confidential. If you suspect that you were not the intended recipient, please delete it and notify the sender as soon as possible.

        • 2019-03-29 Phishing Message

          2019-03-29 | Phishing Message

          Subject: Re: Happy Birthday!!!

           

          Message for [Recipient Name]

           

           

          [link, large blue box] Read this message

           

          10:51:17 (Kennesaw)

          Re: Happy Birthday!!!

          Watch before: Saturday

          • 03-014-2019

            2019-03-04 | Phishing Message

            Subject: Re: Are you on campus

            I will call you after the meeting. I need you to help me get a Steam Wallet Gift card from the store and send me pictures. I will reimburse you back when I get back to the office. I need to send it to someone and it is very important because I am still at the meeting and I need to get it sent as soon as possible. Today is my best friend's son's birthday.


            Thanks!

            Best regards.

            Thank you,
            [Name]

            [Name], [Credential]
            [Title], Department of [Department]
            Kennesaw State University
            [Address]

            • 12-13-2018

              2018-12-13 | Phishing Message

              Subject: Are you on campus

              Are you available

              • 2018-10-24 | Phish Market

                2018-10-24 | Phishing Message

                Subject: Re: [Name] past due amount

                Cannot show this email

                [link, green box]: Click here to view this message


                HTML delayed message: yxEn - Date: 10/21/2018 6:48:24 (kennesaw)

                • 2018-10-17

                  2018-10-17 | Phishing Message

                  Subject: [Name] - has shared a document with you.

                  Hi there,

                  [email]@kennesaw.edu- has invited you to view the document below via Docusign

                  [link] View Document

                  Enjoy!
                  The DocuSign

                  • Phishing email 2018-10-05

                    2018-10-05 | Phishing Message

                    Subject: Your password is [password]

                    [password] is your password. Lets get right to point. You don't know me and you are most likely wondering why you are getting this e-mail? Not a single person has paid me to investigate about you.

                    actually, I setup a software on the adult video clips (pornography) website and you know what, you visited this site to experience fun (you know what I mean). While you were viewing video clips, your web browser began functioning as a Remote Desktop with a key logger which gave me access to your display screen as well as cam. Right after that, my software program collected every one of your contacts from your Messenger, social networks, and e-mail . Next I made a video. First part shows the video you were watching (you've got a fine taste hahah), and second part displays the view of your web cam, yea it is you.

                    You actually have 2 possibilities. Lets review these solutions in aspects:

                    Very first solution is to skip this email message. In this situation, I will send your actual videotape to just about all of your contacts and also just imagine regarding the shame that you receive. Keep in mind if you happen to be in a committed relationship, just how it will affect?

                    Other solution would be to give me $1000. Lets regard it as a donation. Subsequently, I will straight away discard your video. You will go forward your daily life like this never happened and you would never hear back again from me.

                    You'll make the payment by Bitcoin (if you do not know this, search "how to buy bitcoin" in Google).

                    BTC Address to send to: [BTC address]
                    [CASE-SENSITIVE copy & paste it]

                    In case you are wondering about going to the cops, surely, this email message cannot be traced back to me. I have dealt with my steps. I am also not attempting to demand a lot, I wish to be rewarded.

                    You have one day in order to pay. I have a specific pixel within this message, and at this moment I know that you have read through this e mail. If I don't get the BitCoins, I will certainly send your video to all of your contacts including relatives, co-workers, and so forth. Nonetheless, if I receive the payment, I will erase the video right away. If you need evidence, reply Yea! and I will certainly send your video recording to your [number] contacts. This is a nonnegotiable offer, therefore do not waste my time & yours by responding to this mail.

                    • Phishing 09-21-2018

                      2018-09-21 | Phishing Message

                      Subject: Re: To request Concur access

                      Cannot show this message

                      [link]: Click here to view full message


                      HTML message delayed wsIZ - Date: 09/21/2018 [time] (kennesaw)

                      • Phishing June 20, 2018

                        2018-06-20 | Phishing Message

                        Subject: PART TIME JOB

                        Name of Company:
                        Landor Associates 

                        JOB TITLE:
                        Advertise While Driving 

                        JOB DESCRIPTION:
                        We seek interested candidates to go about their normal routine with the advert of the "AUSTRALIAN OPEN 2019" on their Car 

                        Qualifications:
                        Must have a Car,Truck,Van or Motorcycle.. 

                        SALARY:
                        $250 weekly including $50 for gas

                        Interested Candidates should contact
                        [email]
                        for more info

                        Sincerely,

                        Raymond
                        Hiring Coordinator/Logistic Supervisor
                        [phone number]
                        [websites]

                        • Phishing June 20, 2018

                          2018-06-20 | Phishing Message

                          Subject: [name] as Shared a file with you Using One Drive

                          Hello,

                          Please find attached the Look Ahead files for Monday June 18th,2018

                          Open

                          Kindly let me have your opinion

                          • Phishing May 19, 2018

                            2018-05-19 | Phishing Message

                            Subject: Information Technology Services

                            Notice to all Faculty, staff, and student.

                            We have upgraded VPN client software, please click the login button to reactivate your Kennesaw State University VPN Service access.

                            [link]

                            This is a technology that allows Kennesaw State University VPN Service Faculty, Staff, Students, and Retirees to securely access theKennesaw State University VPN Service Network from anywhere with an Internet connection.

                            All connections are logged and monitored. By accessing this system, you acknowledge that use of this and any other technology at Kennesaw State University VPN is subject to the terms of the Kennesaw State University VPN Conditions of Use and Policy on Computing Ethics

                            • Phishing March 19, 2018

                              2018-03-19 | Phishing Message

                              Subject: Important Notice Update Your Account

                              Recently, we have detected something unusual on your account activity and results, we are upgrading our database server from our old server (No420134x) to the new server (No520193x) you will need to upgrade to our Web your account again to confirm your account details below.

                              Urges all e-mail users received the e-mail, update their e-mail accounts within 24 hours using the update link: Click Here: make sure your email account is the latest system requirements. 

                              Thank you for your kind cooperation.

                              Thank you,
                              Admin Portal
                              Copyright 2018 Microsoft Exchange Administrator Portal All Rights Reserved.

                              • Phishing March 15, 2018

                                2018-03-15 | Phishing Message

                                Subject: Verify Your Email Now To Avoid Close Down

                                Kindly verify your office365 in other for us to be sure you were the person who tried to login from a different

                                location so we need you to verify the login attempt for us to be sure and get your account secured .

                                Click here to verify now Click Here
                                .......................................................

                                Administrator
                                Information Technology.

                                • Phishing March 13, 2018

                                  2018-03-13 | Phishing Message

                                  Subject: Notice Mail

                                  Kindly confirm that your account is still in use by clicking the validation
                                  link below:

                                  Validate Email Account

                                  Sincerely
                                  IT Help Desk
                                  Office of Information Technology
                                  Kennesaw State University

                                  • Phishing March 12, 2018 - Example C

                                    2018-03-12 | Phishing Message

                                    Subject:

                                    --
                                    Attention!!!

                                    We have recently confirmed that your mailbox has exceeded the limit
                                    of 30 GB, which is as set by your manager and your are currently at
                                    30.9 GB. Different computers have logged into your mailbox account
                                    and multiple password errors have been entered. We are hereby
                                    suspending your account.

                                    Click Here to help you Manage your account:
                                    [link]

                                    ITS Help Desk,
                                    webmail.kennesaw.edu,
                                    2018. All Rights Reserved.

                                    • Phishing March 12, 2018 - Example C

                                      2018-03-12 | Phishing Message

                                      Reply-To: <[email address]>

                                      Hello,

                                      We invite you to participate in this profitable and less stressed Job Offer. because you are a student, employee, retiree of this University and it would never disturb your academics as a student or disturb your work as a staff and just in a week you'll earn a sum of $250 for a job well done. Kindly give it a benefit of doubt and you would never regret.
                                      We have about 52 Student who has benefited from this over 6 weeks it has been introduced to the school.

                                      Market Force

                                      ABOUT US: Market Force is a market research company, we use Mystery shopping or Mystery Consumer to measure quality of retail service or gather specific information about products and services. We work with some of the largest, reputable businesses in the world; from fast food to petroleum, technology or fashion retailers and more.

                                      JOB DESCRIPTION: You will be required to conduct an all expenses paid surveys and evaluation exercises on behalf of Mystery America. Your job will be to evaluate and measure quality of retail service or gather specific information about products and services.

                                      As our mystery shopper posing as normal customers, you will expected to perform specific tasks such as purchasing a product or using a service.

                                      • Phishing March 12, 2018 - Example A

                                        2018-03-12 | Phishing Message

                                        Subject:

                                        --
                                        Attention!!!

                                        This is an important message from webmail.kennesaw.edu Information
                                        Technology. Our records indicate your account section has expired.
                                        Therefore, your account has been scheduled for deletion on this Month
                                        of MARCH, 2018. As part of this process, your account, files, email
                                        address messages etc, will be deleted. To Retail Your Account, Click
                                        Here to help you Manage your account:

                                        [link]

                                        ITS Help Desk,
                                        webmail.kennesaw.edu,
                                        2018. All Rights Reserved.

                                        • Feburary 21st, 2018 Phishing Message

                                          2018-02-21 | Phishing Message

                                          Paid Invoice

                                          I was following up to find out when we can expect payment on the attached invoice.
                                          Thanks!

                                          [link]

                                          [sender's email address]

                                          • Feburary 16th, 2018 Phishing Message

                                            2018-02-16 | Phishing Message

                                            RE: Support.

                                            Notice from Support!, All employees are advised to manually update their web server to complete the update process and migrate to the new version of Microsoft web mail service. CLICK HERE TO PROCEED

                                            IT Support
                                            Webmail Center.
                                            © Copyright 2018 Support.
                                            All right Reserved.
                                            ************************** IMPORTANT NOTICE: This e-mail message and all attachments, if any, may contain confidential and privileged material and are intended only for the person or entity to which the message is addressed. If you are not an intended recipient, you are hereby notified that any use, dissemination, distribution, disclosure, or copying of this information is unauthorized and strictly prohibited. If you have received this communication in error, please contact the sender immediately by reply e-mail, and destroy all copies of the original message.

                                            • January 31st, 2018 Phishing Message

                                              2018-01-31 | Phishing Message

                                              Undisclosed Message

                                              You have (1)important unread messages from Kennesaw State University, Click on View to read it.

                                              • November 11, 2017

                                                2017-11-10 | Phishing Message

                                                RE: Capital One Reminder

                                                Dear Capital One Customer

                                                Your Capital One Bank Internet Banking has been temporary suspended.

                                                We require you to Unlock your account: Unlock Access

                                                Sincerely
                                                Samuel S. Olens| Capital One Security Department

                                                • November 11, 2017 Phishing Message

                                                  2017-11-10 | Phishing Message

                                                  RE: Reminder

                                                  Dear Capital One Customer

                                                  Your Capital One Bank Internet Banking has been temporary suspended

                                                  We require you to Unlock your account: Unlock Access

                                                  Stephanie Paynter
                                                  Capital One Security Department

                                                  • November 11, 2017 Message

                                                    2017-11-10 | Phishing Message

                                                    RE: IMPORTANT

                                                    Dear Capital One Customer

                                                    Your Capital One Bank Internet Banking has been temporary suspended.

                                                    We require you to Unlock your account: Unlock Access

                                                    Sincerely
                                                    Samuel S. Olens| Capital One Security Department

                                                    • November 11, 2017 Phishing Mesaage

                                                      2017-11-10 | Phishing Message

                                                      Hello

                                                      Hello

                                                      I am Miss. Georgiana Kuasi, the only daughter of late Chief and Mrs. Donald Kuasi, I am 20 years old my father was a gold merchant in Aviory Coast, my both parents died on February 2014 in a fatal motor accident.

                                                      After the death of my parents, I discovered documents which show he deposited the sum of (Us 5 Million Dollars) in a Bank, and he used my Name Georgiana Kuasi as his only daughter for the Next of Kin as writing in the deposit document.

                                                      Dear, I am seeking for your assistance in the following ways:

                                                      (1) To help me retrieve the fund from the Financial Institution and provide a bank account into which this money would be transferred to.

                                                      (2) To serve as a guardian of this fund and help me invest it in a lucrative venture.

                                                      I am willing to offer you 20% of the total sum as compensation and another 5% will be set aside for any expenses. Please respond if you are willing to assist me, I will give you further information immediately I received your response.

                                                      Anticipating hearing from you.

                                                      Your's

                                                      Georgiana Kuasi.

                                                      ©