The Phish Market is a list of recent emails that were reported to the KSU Office of Cybersecurity as possible phishing attempts on the University community. The Office of Cybersecurity has confirmed these messages as malicious phishing attempts. If you have received an email that you believe may contain a phishing attempt, it is possible that some of the language and links differ from similar messages posted on the Phish Market. It is not uncommon for malicious actors to create variant messages.

We update this list regularly but it is possible that you received the message before it is published to the Phish Market.  If you mistakenly provided credentials to a confirmed phishing email, please change your NetID password immediately at  If you receive a suspicious email not in the Phish Market, please forward it to

Email is the official method of communication at Kennesaw State University. All announcements and business related correspondence are conducted through official Kennesaw State University email accounts. Any email claiming to be an employee of the university that does not originate from an “” address should be held in suspicion, especially if it claims to be from a person of leadership. Please follow the reporting instructions above if you receive suspicious emails that meet these criteria.


  • 07-08-2019

    2019-07-27 | Phishing Message with Link(s)

    From: Jax Jordan <>
    Sent: Saturday, July 27, 2019 5:30 PM
    To: <_____________> <>
    Subject: TRS/ORP Assistance for Kennesaw State University Personnel


    Employee [Recipient Name],

    Each year, as an employee of Kennesaw State University you are eligible to receive a free one-on-one consultation for answers to your specific state, federal and individual retirement benefit questions.

    At your consultation, you will be provided with information that will tell you what your expected income will be from TRS/ORP when you retire, and how much longer you will have to work. That, along with advice on the best ways to utilize your 401(a) options with your TRS/ORP and/or Social Security benefits.

    Appointments fill up quickly. If you’d like to secure your spot, click on the link below, or simply reply “yes” to this email.

    [Message link]

    All licensed representatives are not employees of the college or TRS/ORP.

    To opt out of future mailings, click on the following link:
    [Unsubscribe message link]

    • 05-06-2019

      2019-05-06 | Phishing Message with Link

      From:  <>
      Sent: Monday, May 6, 2019 3:20:04 PM

      To: coles_staff
      Subject: coles_staff

       [Contains link to phishing page as seen in image]
      [Message clipped] View entire message

      This e-mail may contain information that is privileged and confidential. If you suspect that you were not the intended recipient, please delete it and notify the sender as soon as possible.

      • 2019-03-29 Phishing Message

        2019-03-29 | Phishing Message

        Subject: Re: Happy Birthday!!!


        Message for [Recipient Name]



        [link, large blue box] Read this message


        10:51:17 (Kennesaw)

        Re: Happy Birthday!!!

        Watch before: Saturday

        • 03-014-2019

          2019-03-04 | Phishing Message

          Subject: Re: Are you on campus

          I will call you after the meeting. I need you to help me get a Steam Wallet Gift card from the store and send me pictures. I will reimburse you back when I get back to the office. I need to send it to someone and it is very important because I am still at the meeting and I need to get it sent as soon as possible. Today is my best friend's son's birthday.


          Best regards.

          Thank you,

          [Name], [Credential]
          [Title], Department of [Department]
          Kennesaw State University

          • 12-13-2018

            2018-12-13 | Phishing Message

            Subject: Are you on campus

            Are you available

            • 2018-10-24 | Phish Market

              2018-10-24 | Phishing Message

              Subject: Re: [Name] past due amount

              Cannot show this email

              [link, green box]: Click here to view this message

              HTML delayed message: yxEn - Date: 10/21/2018 6:48:24 (kennesaw)

              • 2018-10-17

                2018-10-17 | Phishing Message

                Subject: [Name] - has shared a document with you.

                Hi there,

                [email] has invited you to view the document below via Docusign

                [link] View Document

                The DocuSign

                • Phishing email 2018-10-05

                  2018-10-05 | Phishing Message

                  Subject: Your password is [password]

                  [password] is your password. Lets get right to point. You don't know me and you are most likely wondering why you are getting this e-mail? Not a single person has paid me to investigate about you.

                  actually, I setup a software on the adult video clips (pornography) website and you know what, you visited this site to experience fun (you know what I mean). While you were viewing video clips, your web browser began functioning as a Remote Desktop with a key logger which gave me access to your display screen as well as cam. Right after that, my software program collected every one of your contacts from your Messenger, social networks, and e-mail . Next I made a video. First part shows the video you were watching (you've got a fine taste hahah), and second part displays the view of your web cam, yea it is you.

                  You actually have 2 possibilities. Lets review these solutions in aspects:

                  Very first solution is to skip this email message. In this situation, I will send your actual videotape to just about all of your contacts and also just imagine regarding the shame that you receive. Keep in mind if you happen to be in a committed relationship, just how it will affect?

                  Other solution would be to give me $1000. Lets regard it as a donation. Subsequently, I will straight away discard your video. You will go forward your daily life like this never happened and you would never hear back again from me.

                  You'll make the payment by Bitcoin (if you do not know this, search "how to buy bitcoin" in Google).

                  BTC Address to send to: [BTC address]
                  [CASE-SENSITIVE copy & paste it]

                  In case you are wondering about going to the cops, surely, this email message cannot be traced back to me. I have dealt with my steps. I am also not attempting to demand a lot, I wish to be rewarded.

                  You have one day in order to pay. I have a specific pixel within this message, and at this moment I know that you have read through this e mail. If I don't get the BitCoins, I will certainly send your video to all of your contacts including relatives, co-workers, and so forth. Nonetheless, if I receive the payment, I will erase the video right away. If you need evidence, reply Yea! and I will certainly send your video recording to your [number] contacts. This is a nonnegotiable offer, therefore do not waste my time & yours by responding to this mail.

                  • Phishing 09-21-2018

                    2018-09-21 | Phishing Message

                    Subject: Re: To request Concur access

                    Cannot show this message

                    [link]: Click here to view full message

                    HTML message delayed wsIZ - Date: 09/21/2018 [time] (kennesaw)

                    • Phishing June 20, 2018

                      2018-06-20 | Phishing Message

                      Subject: PART TIME JOB

                      Name of Company:
                      Landor Associates 

                      JOB TITLE:
                      Advertise While Driving 

                      JOB DESCRIPTION:
                      We seek interested candidates to go about their normal routine with the advert of the "AUSTRALIAN OPEN 2019" on their Car 

                      Must have a Car,Truck,Van or Motorcycle.. 

                      $250 weekly including $50 for gas

                      Interested Candidates should contact
                      for more info


                      Hiring Coordinator/Logistic Supervisor
                      [phone number]

                      • Phishing June 20, 2018

                        2018-06-20 | Phishing Message

                        Subject: [name] as Shared a file with you Using One Drive


                        Please find attached the Look Ahead files for Monday June 18th,2018


                        Kindly let me have your opinion

                        • Phishing May 19, 2018

                          2018-05-19 | Phishing Message

                          Subject: Information Technology Services

                          Notice to all Faculty, staff, and student.

                          We have upgraded VPN client software, please click the login button to reactivate your Kennesaw State University VPN Service access.


                          This is a technology that allows Kennesaw State University VPN Service Faculty, Staff, Students, and Retirees to securely access theKennesaw State University VPN Service Network from anywhere with an Internet connection.

                          All connections are logged and monitored. By accessing this system, you acknowledge that use of this and any other technology at Kennesaw State University VPN is subject to the terms of the Kennesaw State University VPN Conditions of Use and Policy on Computing Ethics

                          • Phishing March 19, 2018

                            2018-03-19 | Phishing Message

                            Subject: Important Notice Update Your Account

                            Recently, we have detected something unusual on your account activity and results, we are upgrading our database server from our old server (No420134x) to the new server (No520193x) you will need to upgrade to our Web your account again to confirm your account details below.

                            Urges all e-mail users received the e-mail, update their e-mail accounts within 24 hours using the update link: Click Here: make sure your email account is the latest system requirements. 

                            Thank you for your kind cooperation.

                            Thank you,
                            Admin Portal
                            Copyright 2018 Microsoft Exchange Administrator Portal All Rights Reserved.

                            • Phishing March 15, 2018

                              2018-03-15 | Phishing Message

                              Subject: Verify Your Email Now To Avoid Close Down

                              Kindly verify your office365 in other for us to be sure you were the person who tried to login from a different

                              location so we need you to verify the login attempt for us to be sure and get your account secured .

                              Click here to verify now Click Here

                              Information Technology.

                              • Phishing March 13, 2018

                                2018-03-13 | Phishing Message

                                Subject: Notice Mail

                                Kindly confirm that your account is still in use by clicking the validation
                                link below:

                                Validate Email Account

                                IT Help Desk
                                Office of Information Technology
                                Kennesaw State University

                                • Phishing March 12, 2018 - Example C

                                  2018-03-12 | Phishing Message



                                  We have recently confirmed that your mailbox has exceeded the limit
                                  of 30 GB, which is as set by your manager and your are currently at
                                  30.9 GB. Different computers have logged into your mailbox account
                                  and multiple password errors have been entered. We are hereby
                                  suspending your account.

                                  Click Here to help you Manage your account:

                                  ITS Help Desk,
                                  2018. All Rights Reserved.

                                  • Phishing March 12, 2018 - Example C

                                    2018-03-12 | Phishing Message

                                    Reply-To: <[email address]>


                                    We invite you to participate in this profitable and less stressed Job Offer. because you are a student, employee, retiree of this University and it would never disturb your academics as a student or disturb your work as a staff and just in a week you'll earn a sum of $250 for a job well done. Kindly give it a benefit of doubt and you would never regret.
                                    We have about 52 Student who has benefited from this over 6 weeks it has been introduced to the school.

                                    Market Force

                                    ABOUT US: Market Force is a market research company, we use Mystery shopping or Mystery Consumer to measure quality of retail service or gather specific information about products and services. We work with some of the largest, reputable businesses in the world; from fast food to petroleum, technology or fashion retailers and more.

                                    JOB DESCRIPTION: You will be required to conduct an all expenses paid surveys and evaluation exercises on behalf of Mystery America. Your job will be to evaluate and measure quality of retail service or gather specific information about products and services.

                                    As our mystery shopper posing as normal customers, you will expected to perform specific tasks such as purchasing a product or using a service.

                                    • Phishing March 12, 2018 - Example A

                                      2018-03-12 | Phishing Message



                                      This is an important message from Information
                                      Technology. Our records indicate your account section has expired.
                                      Therefore, your account has been scheduled for deletion on this Month
                                      of MARCH, 2018. As part of this process, your account, files, email
                                      address messages etc, will be deleted. To Retail Your Account, Click
                                      Here to help you Manage your account:


                                      ITS Help Desk,
                                      2018. All Rights Reserved.

                                      • March 1, 2018

                                        2018-03-01 | Phishing Message

                                        Re: [name]

                                        Dear [name],

                                        Congratulations! You are invited to join Honor Society. Our records indicate that you have not yet accepted your Honor Society membership and benefits.

                                        Accepting this distinction connects you with like-minded high achievers from your region and across the nation, both in person and through our society's web portal. Honor Society is a lifetime network, built to help you succeed. Your satisfaction as a member is our highest priority and guaranteed. Take a moment to activate your membership now:


                                        Activate your Honor Society Membership

                                        etc. etc.

                                        • Feburary 21st, 2018 Phishing Message

                                          2018-02-21 | Phishing Message

                                          Paid Invoice

                                          I was following up to find out when we can expect payment on the attached invoice.


                                          [sender's email address]

                                          • Feburary 16th, 2018 Phishing Message

                                            2018-02-16 | Phishing Message

                                            RE: Support.

                                            Notice from Support!, All employees are advised to manually update their web server to complete the update process and migrate to the new version of Microsoft web mail service. CLICK HERE TO PROCEED

                                            IT Support
                                            Webmail Center.
                                            © Copyright 2018 Support.
                                            All right Reserved.
                                            ************************** IMPORTANT NOTICE: This e-mail message and all attachments, if any, may contain confidential and privileged material and are intended only for the person or entity to which the message is addressed. If you are not an intended recipient, you are hereby notified that any use, dissemination, distribution, disclosure, or copying of this information is unauthorized and strictly prohibited. If you have received this communication in error, please contact the sender immediately by reply e-mail, and destroy all copies of the original message.

                                            • January 31st, 2018 Phishing Message

                                              2018-01-31 | Phishing Message

                                              Undisclosed Message

                                              You have (1)important unread messages from Kennesaw State University, Click on View to read it.

                                              • November 11, 2017

                                                2017-11-10 | Phishing Message

                                                RE: Capital One Reminder

                                                Dear Capital One Customer

                                                Your Capital One Bank Internet Banking has been temporary suspended.

                                                We require you to Unlock your account: Unlock Access

                                                Samuel S. Olens| Capital One Security Department

                                                • November 11, 2017 Phishing Message

                                                  2017-11-10 | Phishing Message

                                                  RE: Reminder

                                                  Dear Capital One Customer

                                                  Your Capital One Bank Internet Banking has been temporary suspended

                                                  We require you to Unlock your account: Unlock Access

                                                  Stephanie Paynter
                                                  Capital One Security Department

                                                  • November 11, 2017 Message

                                                    2017-11-10 | Phishing Message

                                                    RE: IMPORTANT

                                                    Dear Capital One Customer

                                                    Your Capital One Bank Internet Banking has been temporary suspended.

                                                    We require you to Unlock your account: Unlock Access

                                                    Samuel S. Olens| Capital One Security Department

                                                    • November 11, 2017 Phishing Mesaage

                                                      2017-11-10 | Phishing Message



                                                      I am Miss. Georgiana Kuasi, the only daughter of late Chief and Mrs. Donald Kuasi, I am 20 years old my father was a gold merchant in Aviory Coast, my both parents died on February 2014 in a fatal motor accident.

                                                      After the death of my parents, I discovered documents which show he deposited the sum of (Us 5 Million Dollars) in a Bank, and he used my Name Georgiana Kuasi as his only daughter for the Next of Kin as writing in the deposit document.

                                                      Dear, I am seeking for your assistance in the following ways:

                                                      (1) To help me retrieve the fund from the Financial Institution and provide a bank account into which this money would be transferred to.

                                                      (2) To serve as a guardian of this fund and help me invest it in a lucrative venture.

                                                      I am willing to offer you 20% of the total sum as compensation and another 5% will be set aside for any expenses. Please respond if you are willing to assist me, I will give you further information immediately I received your response.

                                                      Anticipating hearing from you.


                                                      Georgiana Kuasi.