The Phish Market is a list of recent emails that were reported to the KSU Office of Cybersecurity as possible phishing attempts on the University community. The Office of Cybersecurity has confirmed these messages as malicious phishing attempts. If you have received an email that you believe may contain a phishing attempt, it is possible that some of the language and links differ from similar messages posted on the Phish Market. It is not uncommon for malicious actors to create variant messages.

We update this list regularly but it is possible that you received the message before it is published to the Phish Market.  If you mistakenly provided credentials to a confirmed phishing email, please change your NetID password immediately at https://netid.kennesaw.edu.  If you receive a suspicious email not in the Phish Market, please forward it to abuse@kennesaw.edu.

Email is the official method of communication at Kennesaw State University. All announcements and business related correspondence are conducted through official Kennesaw State University email accounts. Any email claiming to be an employee of the university that does not originate from an “@kennesaw.edu” address should be held in suspicion, especially if it claims to be from a person of leadership. Please follow the reporting instructions above if you receive suspicious emails that meet these criteria.

Phishing Update - March 2020

In order to provide additional safeguards against phishing attempts, UITS has implemented the following measures:

  • Adding the word [EXTERNAL] to all emails originating outside of KSU
  • A short warning at the bottom of the email body for emails originating outside of KSU

In the last year a number of USG institutions, including KSU, suffered financial losses due to malicious individuals impersonating university employees or financial institutions. There were multiple incidents on the KSU campus alone contributing to financial losses. These additions will help identify emails that came from a non-kennesaw.edu email address and reduce the risks associated with these types of phishing attacks.

Additional supporting information:

  • Financial fraud via email phishing continues to be a threat to institutions around the state including KSU.
  • The FBI reported 23,775 business email compromise incidents in 2019 resulting in financial losses of more than $1.7 billion
  • In 2019, the FBI received an average of 1,200 complaints per day regarding fraudulent financial activity, with email phishing remaining the #1 crime type for the third year
  • Georgia ranked #13 in victims per State, and #11 in financial loss per State

Cyber Security Smart Cookie Award

In recognition of National Cybersecurity Awareness Month, UITS is proud to announce the launch of the Cybersecurity Smart Cookie Award. The award is a small token of appreciation for those individuals who have contributed to the cybersecurity of Kennesaw State University through their proactive action, ultimately assisting UITS in the detection and management of risks.

 And, for the month of October, the Department with the highest percentage of cybersecurity smart cookie award winners will be awarded a Great American Cookie on October 31st!

Cyber Security Digital Badge

cybersecure-badgeShow your friends and colleagues your "cyber-prowess!" You can earn digital badges to be awarded based upon completing cyber-security-related activities. Each activity is associated with increasing awareness of cyber security threats. Each badge level will reinforce your critical role as a user in the security of institutional information and systems. Each badge expires annually.

 

  • correction

    2020-02-21 | Phishing Message

    From: Kennesaw State University. <keith.kuhns@rcn.com>
    Sent: Friday, February 21, 2020 10:11 AM
    To: [Name] <_____@_____.__>
    Subject: Re: Email Notification

    We are increasing our Kennesaw State University webmail quota, so you are to click on the Url below or copy past the url in your browser and login for the quota upgrade.

    [Message Link]

    • fghfgh

      2019-10-24 | Phishing Message

      From: [Name]

      [email]@gmail.com
      Sent: Wednesday, October 24, 2019 12:53 PM
      To: [Name]<_______@kennesaw.edu>
      Subject: Quick Request

       

      Available?

      --

      [Name], [Credential]
      [Title], Department of [Department]

      • 2019-13-09

        2019-09-13 | Phishing Message

        From: [Name] [email]@students.kennesaw.edu
        Sent: Friday, September 13, 2019 3:41 PM
        Subject: Administrative Assistant Needed From the HR Dept.....

        Dear Valuable Applicant this is a Part time job offer that will earn you $350 weekly and allowance of $50 by working from anywhere of your choice and 6-8 hrs weekly job description includes data entry and bookkeeping you are required to [text link] Apply here
        or send a copy of your resume to [email] you will be contacted within 24hrs of signup thank you

        • 07-08-2019

          2019-07-27 | Phishing Message with Link(s)

          From: Jax Jordan <jax@civilemployeeretirementassisting.com>
          Sent: Saturday, July 27, 2019 5:30 PM
          To: <_____________> <____________@kennesaw.edu>
          Subject: TRS/ORP Assistance for Kennesaw State University Personnel

           

          Employee [Recipient Name],

          Each year, as an employee of Kennesaw State University you are eligible to receive a free one-on-one consultation for answers to your specific state, federal and individual retirement benefit questions.

          At your consultation, you will be provided with information that will tell you what your expected income will be from TRS/ORP when you retire, and how much longer you will have to work. That, along with advice on the best ways to utilize your 401(a) options with your TRS/ORP and/or Social Security benefits.

          Appointments fill up quickly. If you’d like to secure your spot, click on the link below, or simply reply “yes” to this email.

          [Message link]

          All licensed representatives are not employees of the college or TRS/ORP.

          To opt out of future mailings, click on the following link:
          [Unsubscribe message link]

          • 05-06-2019

            2019-05-06 | Phishing Message with Link

            From:  <___________@___.edu>
            Sent: Monday, May 6, 2019 3:20:04 PM

            To: coles_staff
            Subject: coles_staff

             [Contains link to phishing page as seen in image]
             ... 
            [Message clipped] View entire message

            This e-mail may contain information that is privileged and confidential. If you suspect that you were not the intended recipient, please delete it and notify the sender as soon as possible.

            • 2019-03-29 Phishing Message

              2019-03-29 | Phishing Message

              Subject: Re: Happy Birthday!!!

               

              Message for [Recipient Name]

               

               

              [link, large blue box] Read this message

               

              10:51:17 (Kennesaw)

              Re: Happy Birthday!!!

              Watch before: Saturday

              • 03-014-2019

                2019-03-04 | Phishing Message

                Subject: Re: Are you on campus

                I will call you after the meeting. I need you to help me get a Steam Wallet Gift card from the store and send me pictures. I will reimburse you back when I get back to the office. I need to send it to someone and it is very important because I am still at the meeting and I need to get it sent as soon as possible. Today is my best friend's son's birthday.


                Thanks!

                Best regards.

                Thank you,
                [Name]

                [Name], [Credential]
                [Title], Department of [Department]
                Kennesaw State University
                [Address]

                • 12-13-2018

                  2018-12-13 | Phishing Message

                  Subject: Are you on campus

                  Are you available

                  ©