Feed on
Posts
Comments
Subject: RE: Action Required, Staff only
All Staff are expected to migrate to the new office365 portal to access the below, Clickhere to Migrate:
·                     Access the new staff directory
·                     Access your pay slips and P60s
·                     Update your ID photo
·                     E-mail and Calendar Flexibility
·                     Connect mobile number to e-mail for Voicemail
The link went to a site NOT associated to Wesleyan.  The From address was not a Wesleyan address.  If you receive this email please, delete it.  If you hover over the “Clickhere” link you get a very questionable address that I have modified–
http://office365-928369-staff038migration.010xxxxxxapp.com/

This is a scam alert rather than a Phish as it is looking for you to send money and not hunting for credentials.

From: John Stezaker <johnstezaker@aol.com>
Date: May 13, 2017 at 8:24:37 AM EDT
To: xxxxxx@wesleyan.edu
Subject: Re: Inline Image

Dear Xxxxxx,

I got your application email and approved you to work for me. I hope you will be able to carry out all tasks needed by you. I have few tasks I would like you to complete for me today. Remember your first impression really matter as this is a new employment.

You will make bill payments to suppliers who I pre-ordered some art materials from and need us to meet their depository demands, After which you will purchase some Items at Walmart and mail them to specific orphanage homes we supply kids materials every month. I hope you are not from Walmart, Staples or Office depot.

Your first assignment funds will be sent through your Email(Electronic Bank Check).E-Check is simply a check delivery service that endorse and guarantee check delivery through E-mail instead of waiting for check in the Mail. No stamps, No envelopes, No going to the mail box – Just log in to your e-mail and click a link to download and print the check.

Once the check has been printed it can be deposited immediately. All You will only need to purchase a Business Check Paper for printing of the check, it’s sold for ($23) at any Stationery store’s, Office Depot or Staples or Office Max. I will re-reimburse you for the cost of supplies. Get the Business Check Paper  today then email me .

Please Note that you need a Printer OK?. I need you to proceed with the business check paper purchase as soon as you read this email and confirm you are doing that right away.

In order for you to receive your fee, take the payment to your bank and have it DEPOSITED in your bank account for funds to be available . You can also make an ATM deposit or mobile check deposit  if it happens your bank is a little but far or  bank closes so that the funds can be available the next day to complete the assignment on time. Once funds are Deposited I will send you the Instructions on what you are purchasing at Walmart and bill payments to be completed.

Regards

From: Hurtado, Maritza [mailto:hurtadom@CoastalCarolina.edu]
Sent: Wednesday, May 17, 2017 6:42 AM
To: info@mail6.com
Subject: IIGTN
 
Important Notice Faculty & Staff
 
We have upgraded to (4GB web E-Space 2017)
Please login to your account to validate E-Space. Your
account is still open for you to send and receive mail.
CLICK HERE to sign in and migrate.       <——–hovering over the link–ocus.jimdo.com.  Not the same address as the “from” address.
 
Sincerely,
Information Technology Services
Thanks for your cooperation.
Copyright ©2017 IT Center Internet Rights Reserved

From: Dillon Riley via DocuSign [mailto:dse@docus.com]
Sent: Monday, May 15, 2017 12:08 PM
To: wesleyan user <xxxxxx@wesleyan.edu>   <—-This was a legitimate Wesleyan employee
Subject: Completed wesleyan.edu – Accounting Invoice 314443 Document Ready for Signature

 Screen Shot 2017-05-15 at 2.07.12 PM

There is an attachment that goes with this that you should delete.  And note the poor grammar and incomplete sentences.

 

From: Apple Inc. [mailto:asignn-experience29@mail-icloud-manage.com]  <—– Not a valid Apple address
Sent: Friday, May 12, 2017 12:06 PM
Subject: Order Confirmation
 
Recently we made a payment and purchase with a different billing, we inform you that we have locked your Apple ID for security reasons, and will open automatically after you confirm us. download the attachment(PDF) for unlock Apple ID and detail information.
 
Sincerely
Apple Support

The following Phish has not hit us, yet. However, it is being reported at several colleges and thought it best to make this available before we see examples, here. The link in this picture/screenshot does not go to anywhere in University of Michigan site but to an external site that asks for credentials.

 

05:12:2017 Subject- Library Account

6 buildings had their wired connections interrupted after a software problem on their switches this morning:

Admission
Fisk
GLS
Astronomy
Clark
ITS (Exley)

Some buildings are already back online.  The rest should be fully restored in 30-45 minutes.

This is a slight twist on yesterday’s reported GoogleDoc attack.  Please, if you are expect a GoogleDoc from someone then call and verify they sent it to you. Do not just click the link as chances are very high it is the phishing attack and your account and computer will be compromised.
From: Campus Community [mailto:support@list.heug.org]
Sent: Thursday, May 04, 2017 3:07 AM
To: cc.ps@list.heug.org
Subject: [CC.ps] – List Digest, May 03, 2017
 
The following posts were made on May 03, 2017
  1. CommGen w/ Checklist Item Description Rich Text – (Margaret Gotter)
  2. Lauri Enger has shared a document on Google Docs with you – (Pam Lantzy)
 

View mailing list online   Start new thread via email   Unsubscribe from this mailing list   Manage your subscription  

This email has been sent to: xxxxxx
@wesleyan.edu
HEUG.Online supported in part by:
An Oracle Platinum Partner since 1990

Ciber, Inc.

http://www.ciber.com/erp/oracle/

Use of this email content is governed by the terms of service at:

https://www.heug.org/p/cm/ld/fid=403

From address: Hhhhhhhhhhh@mailinator.com

There is an attachment to the email but PLEASE, DO NOT click it. The attachment runs a script that will in effect, hijack your google account, lock you out of it and make all of your data in your Google Drive vulnerable to reading and theft.

I don’t have an example of an email as we were fortunate enough to miss this one.  However, it may still make the rounds to us if the bad guys update their phish and setup new servers.

Please, continue your vigilance of being suspicious of email.  Especially, of email with attachments from colleagues or friends from whom you are not expecting anything.

If an email just seems “off” then feel free to submit it to your DSS or security@wesleyan.edu. There it will be checked. If it is found to be Phish it will be neutered and posted for all to see and be made aware of.

Thank you,

Vince Spiars

 

From: Raul Castillo Rojas [mailto:rcastillo@imarpe.gob.pe]
Sent: Wednesday, April 19, 2017 6:37 PM
Subject: Attn
 
Your Mail Box Exceeded it storage limit CLICK HERE TO UNBLOCK Fill and click SUBMIT for more space or you wont be able to send Mail.
——————————————————————————————————————————————————–
There is no signature, the From address is not a Wesleyan.edu and the link goes to a googledock that is infected with a payload.

Older Posts »

Log in