ATTENTION

NEVER accept a DUO Multifactor Authentication request if you did not attempt to log in recently!

If you receive an unsolicited DUO  push, immediately go to https://netid.kennesaw.edu and reset your password.

The Phish Market is a list of recent emails that were reported to the KSU Office of Cybersecurity as possible phishing attempts on the University community. The Office of Cybersecurity has confirmed these messages as malicious phishing attempts. If you have received an email that you believe may contain a phishing attempt, it is possible that some of the language and links differ from similar messages posted on the Phish Market. It is not uncommon for malicious actors to create variant messages.

We update this list regularly but it is possible that you received the message before it is published to the Phish Market.  If you mistakenly provided credentials to a confirmed phishing email, please change your NetID password immediately at https://netid.kennesaw.edu.  If you receive a suspicious email not in the Phish Market, please forward it to abuse@kennesaw.edu.

Email is the official method of communication at Kennesaw State University. All announcements and business related correspondence are conducted through official Kennesaw State University email accounts. Any email claiming to be an employee of the university that does not originate from an “@kennesaw.edu” address should be held in suspicion, especially if it claims to be from a person of leadership. Please follow the reporting instructions above if you receive suspicious emails that meet these criteria.

How can you identify what is a legitimate email message and what is not?

  • Look for [EXTERNAL] in the email subject line and inspect the display name on the "From:" address. Verify that the name on the email corresponds with the email address. For example, the name on the address could be KSU Service Desk, but if the email address does not contain "@kennesaw.edu," the email is likely spam or phishing.
  • Check (but do not click) the links to web sites. Hover your cursor over any links in the message and note the address. Does the address make sense and match the rest of the content of the email? For example, links to most KSU or USG sites will include kennesaw.edu or usg.edu. The same is typically true of other companies.
  • Take time to think it through - it is easy to forge an "official" email. Phishers can use company logos, photos, and even spoof email addresses to make their attempts look more legitimate. Take extra caution in reviewing an email that you did not expect to receive and asks you to take action.  

In addition:

  • Report malicious/suspicious emails.  If you have reviewed the email and are still unsure of its authenticity, please forward it to abuse@kennesaw.edu for the Office of Cybersecurity to review.
  • 2021-8-16

    2021-08-16 | Phishing Message

    From: <NAME> <________@gmail.com> 
    Sent: Saturday, August 14, 2021 9:52 PM
    To: <NAME> <_________@kennesaw.edu>
    Subject: [EXTERNAL] Quick request
     
    Kindly send me your available cell number -- 
    <NAME>
    Interim Chair Department of <Department Name> and Interim Associate Dean for <Department Name>

    • 2021-07-22

      2021-07-22 | Phishing Message

      From: [NAME] (via Google Drive) <drive-shares-noreply@google.com>
      Sent: Thursday, July 22, 2021 12:48 PM
      To: [NAME] <__________@kennesaw.edu>
      Cc: [Several addresses CC'ed]
      Subject: [EXTERNAL] Document shared with you: "Evaluation.docx01.docx" 
       
      _____________ shared a document
       
      _______________ has shared the following document:

      FWD: Kathy “Kat” Schwaig  shared a file request using one drive.


       Evaluation.docx01.docx
       

      <Link to open file> Open


       


      Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
      You have received this email because kkollmann@muhsd.org shared a file or folder located in Google Drive with you.  

       


      [MESSAGE]
      CAUTION: This email originated from outside of KSU. Use caution replying or supplying information, clicking links or opening attachments. If you suspect the message is fraudulent, contact the UITS Service Desk at 470-578-6999 or abuse@kennesaw.edu.

      • 2021-06-24

        2021-06-24 | Phishing Message

        From: [NAME] <scherrerc56@gmail.com> 
        Sent: Wednesday June 23, 2021 2:52 PM 
        To: [NAME] <___________@kennesaw.edu>
        -- 
        Send me your available cell number 

         


        [NAME]
        Interim Department Chair, Professor


        [MESSAGE] CAUTION: This email originated from outside of KSU. Use caution replying or supplying information, clicking links or opening attachments. If you suspect the message is fraudulent, contact the UITS Service Desk at 470-578-6999 or service@kennesaw.edu.[/MESSAGE]

        • 2021-01-07

          2021-01-07 | Phishing Message

          From: [NAME] <execcutivedirector170@gmail.com>
          Sent: Thursday, January 7, 2021 6:51 AM
          To: [NAME] <__________@kennesaw.edu>
          Subject: [EXTERNAL] Task:January 7th

          Confirm your availability? Need you to run a quick request. Get back to me as soon as you can.

          Thanks
          [NAME]

          • 2020-06-30

            2020-06-30 | Phishing Message

            From: [NAME] <_______@students.kennesaw.edu>
            Sent on: Tuesday, June 30, 2020 4:16:01 PM
            To:
            Subject: OPPORTUNITY FOR EVERYONE

            Good Day,


            Certified Field Shoppers are looking for part time workers who are ready to shop in stores and get paid , to help evaluate their customer service and sales performance.
            · You can earn as much as ($2,000.00) Two thousand dollars and above a month.
            · This is a 100% legit part time job.
            · It takes less than 1 hours a week [Part-time]
            · Anyone can apply without affecting their current (Full-time) job.

            <link text> BECOME A MEMBER HERE <link text>

            Your first assignment will be shipped to you immediately we received your details

            This is a great opportunity to make extra money asides your full time job. It's flexible and Rewarding. i tried it!
            Register through the link above and I assure you will not regret it.

            Regards.

            • correction

              2020-02-21 | Phishing Message

              From: Kennesaw State University. <keith.kuhns@rcn.com>
              Sent: Friday, February 21, 2020 10:11 AM
              To: [Name] <_____@_____.__>
              Subject: Re: Email Notification

              We are increasing our Kennesaw State University webmail quota, so you are to click on the Url below or copy past the url in your browser and login for the quota upgrade.

              [Message Link]

              • fghfgh

                2019-10-24 | Phishing Message

                From: [Name]

                [email]@gmail.com
                Sent: Wednesday, October 24, 2019 12:53 PM
                To: [Name]<_______@kennesaw.edu>
                Subject: Quick Request

                 

                Available?

                --

                [Name], [Credential]
                [Title], Department of [Department]

                • 2019-13-09

                  2019-09-13 | Phishing Message

                  From: [Name] [email]@students.kennesaw.edu
                  Sent: Friday, September 13, 2019 3:41 PM
                  Subject: Administrative Assistant Needed From the HR Dept.....

                  Dear Valuable Applicant this is a Part time job offer that will earn you $350 weekly and allowance of $50 by working from anywhere of your choice and 6-8 hrs weekly job description includes data entry and bookkeeping you are required to [text link] Apply here
                  or send a copy of your resume to [email] you will be contacted within 24hrs of signup thank you

                  • 07-08-2019

                    2019-07-27 | Phishing Message with Link(s)

                    From: Jax Jordan <jax@civilemployeeretirementassisting.com>
                    Sent: Saturday, July 27, 2019 5:30 PM
                    To: <_____________> <____________@kennesaw.edu>
                    Subject: TRS/ORP Assistance for Kennesaw State University Personnel

                     

                    Employee [Recipient Name],

                    Each year, as an employee of Kennesaw State University you are eligible to receive a free one-on-one consultation for answers to your specific state, federal and individual retirement benefit questions.

                    At your consultation, you will be provided with information that will tell you what your expected income will be from TRS/ORP when you retire, and how much longer you will have to work. That, along with advice on the best ways to utilize your 401(a) options with your TRS/ORP and/or Social Security benefits.

                    Appointments fill up quickly. If you’d like to secure your spot, click on the link below, or simply reply “yes” to this email.

                    [Message link]

                    All licensed representatives are not employees of the college or TRS/ORP.

                    To opt out of future mailings, click on the following link:
                    [Unsubscribe message link]

                    • 05-06-2019

                      2019-05-06 | Phishing Message with Link

                      From:  <___________@___.edu>
                      Sent: Monday, May 6, 2019 3:20:04 PM

                      To: coles_staff
                      Subject: coles_staff

                       [Contains link to phishing page as seen in image]
                       ... 
                      [Message clipped] View entire message

                      This e-mail may contain information that is privileged and confidential. If you suspect that you were not the intended recipient, please delete it and notify the sender as soon as possible.

                      • 2019-03-29 Phishing Message

                        2019-03-29 | Phishing Message

                        Subject: Re: Happy Birthday!!!

                         

                        Message for [Recipient Name]

                         

                         

                        [link, large blue box] Read this message

                         

                        10:51:17 (Kennesaw)

                        Re: Happy Birthday!!!

                        Watch before: Saturday

                        • 03-014-2019

                          2019-03-04 | Phishing Message

                          Subject: Re: Are you on campus

                          I will call you after the meeting. I need you to help me get a Steam Wallet Gift card from the store and send me pictures. I will reimburse you back when I get back to the office. I need to send it to someone and it is very important because I am still at the meeting and I need to get it sent as soon as possible. Today is my best friend's son's birthday.


                          Thanks!

                          Best regards.

                          Thank you,
                          [Name]

                          [Name], [Credential]
                          [Title], Department of [Department]
                          Kennesaw State University
                          [Address]

                          • 12-13-2018

                            2018-12-13 | Phishing Message

                            Subject: Are you on campus

                            Are you available

                            ©