Current Security Threats

FOR MORE INFORMATION ON HOW TO HANDLE AND RECOGNIZE A PHISHING ATTEMPT, PLEASE VISIT THE PHISHING INFORMATION PAGE ON THE INFORMATION SECURITY OFFICE WEBSITE AT: WWW.WEBER.EDU/ISO/PHISHING.HTML.

Phishing Attempt (3/31/2016) - RE: URGENT STAFF MESSAGE

From: Karen A. Christopher <<removed>@shenet.org>
Date: Thu, Mar 31, 2016 at 2:48 PM
Subject: RE: URGENT STAFF MESSAGE
To:

Attention,

Your Password Expires in 2 hours you are to change your Password below via the ACCOUNT MANAGEMENT PAGE.

Click on CHANGE-PASSWORD <link removed>

If Password is not changed in the next 2 hours your next log-in access will be declined.

If you do find any difficulties to Changing your Password please contact the ITS Helpdesk.

Regards,

ITS Helpdesk.

Scam Attempt (3/29/2016) - CCE29032016_00017

From: <removed>@weber.edu
Date: Tue, Mar 29, 2016 at 10:38 AM
Subject: CCE29032016_00017
To:

<Attachment Removed: CCE2902016_00017.rar>

Scam Attempt (3/28/2016) - Document (1).pdf

From: netadmin <<removed>@weber.edu>
Date: Mon, Mar 28, 2016 at 8:20 AM
Subject: Document (1).pdf
To:

Document (1).pdf

<Attachment removed: Document (1).zip>

Scam Attempt (3/9/2016) - Travel Issues...Help

From: Pat Guehler <<removed>@aol.com>
Date: Wed, Mar 9, 2016 at 7:23 AM
Subject: Travel Issues...Help
To: 

Good Morning,
I'm writing this with tears in my eyes, my family and i came down here to Marseille on a short trip,unfortunately we were mugged at the park of the hotel where we stayed all cash,credit card and mobile phone were stolen off us but luckily we still have our passports with us.
        I made contact with my bank but it would take me 5 working days to access funds in my account,the bad news is our flight will be leaving in less than 8-hrs from now but we're having problems settling the hotel bills and the hotel manager won't let us leave until we settle the bills.
I'll need your help financially and i promise to make the refund once we get back home,Please let me know if i can count on you and i need you to keep checking your email because it's the only way i can reach you.

I anticipate your response
    Pat Guehler

Phishing Attempt (3/7/2016) - Upgrade to the new G mail Database Email System

From: The Gmail Team <<removed>@york.ac.uk>
Date: Sun, Mar 6, 2016 at 4:36 PM
Subject: Upgrade to the new G mail Database Email System
To:

Dear G mail Account Users,

Upgrade to the new G mail Database Email System for Email Efficiency , this will eliminate email traffic delay Failure to Upgrade may lead to Loss of incoming and outgoing Mails in your mail box functionality.Upgrade Now <link removed>

Google Email Admin Service 2016.

Phishing Attempt (3/2/2016) - Your email storage is almost full

From: Neurology Research <<removed>@bastyr.edu>
Date: Wed, Mar 2, 2016 at 5:43 AM
Subject: Your Email storage is almost full.
To:

Your email account has used 23.7 GB (95%) of 25 GB.

You will be unable to send and receive messages if you do not reset your account storage space to a higher limit.

Click Manage <link removed> to reset and validate your account.

Mail Desk

Phishing Attempt (2/10/2016) - $10 gift card for faculty and staff at Weber State

From: Hamblin Insurance Financial Services <@gmail.com>
Date: Wed, Feb 10, 2016 at 11:24 AM
Subject: $10 gift card for faculty and staff at Weber State
To:

I am a local agent who helps university employees to save money on their insurance needs. We are giving away Restaurant.com gift cards to Weber State employees. Please take a moment to fill out the form by clicking on the link below. Once you have filled out the quote request form, your $10 card will be emailed to you within 24 hours.

https://www.surveymonkey.com/ <link removed>

Dallas Hamblin
Hamblin Insurance & Financial Services
66 Exchange Place
Salt Lake City, UT 84111

To unsubscribe from our list, please reply to this email and type "Remove" in the subject line.

Phishing Attempt (2/1/2016) - Tax Refund Status

From: IRS.online.services@irs.gov <<removed>@cm201u.org>
Date: Sat, Jan 30, 2016 at 12:24 PM
Subject: Tax Refund Status
To:

IRS Logo

Dear Taxpayer,

We have created a secured Letter using IRS Secure Email Access.

To access this doc, please click on link below to view the secure IRS Tax Notice, Its important.

www.irs.gov/whereismyrefund <link removed>

This is an automated email. Please do not reply.

Sincerely,
IRS Online Services

Phishing Attempt (1/29/2016) - IT Service Desk!

From: removed <removed @mvisd.com>
Date: Fri, Jan 29, 2016 at 8:15 AM
Subject: RE: IT Service Desk!
To:

To All Faculty & Staff,

This is to inform you that we are currently upgrading all Mailbox Quota to 50GB inbox space for all Staff/Employee/Faculty and also conducting a General Mailbox Cleanup routine. This is done to improve the security and efficiency due to recent spam mails received.

Click Here <link removed> to verify your Mailbox to Switch to the current Outlook Webmail 2015 with 50GB inbox space.

Please Note That: We will start deactivating unverified and inactive Mailbox Accounts after 24 hours of receiving this message.

Thanks
Help Desk Admin/Cleaup Team.

Phishing Attempt (12/29/2015) - Important Security Alert

From: noreply@weber.edu
Date: Tue, Dec 29, 2015 at 8:36 AM
Subject: Important Security Alert
To:

Our records indicate that your Webmail Account was flagged and has upshot an internal error on our processor.

For security reasons, you must verify the validity of your Webmail account.

You can click here to re-login CLICK HERE <link removed>

Best regards,
Help Desk

Phishing Attempt (11/19/2015) - Help Desk

From: Admin
Date: Thu, Nov 19, 2015 at 1:54 PM
Subject: Help desk
To:

To All Faulty\Staff

We detect your mail has been affected with Virus, and will be shutdown if not validated within 24hours. Please update your mailbox by clicking on following link:

<link removed>

Regards,
IT Service Desk Support.

Phishing Attempt (11/17/2015) - To All

From: <removed>
Sent: Tuesday, November 17, 2015 9:36 AM
To: <removed>
Subject: To All

To All

We currently upgraded our Server to 50GB inbox space. Please log-in to your user account to validate E-space.

Your emails won't be delivered by our server, unless email account is confirmed. protecting your email account is our primary concern, for account update (Web Mail) Click on Outlook Web Access <link removed> should you have any questions please contact the IT Helpdesk.

INSTITUTE OF EDUCATION.
Copyright ©2015 ITS Help Desk

Phishing Attempt (11/17/2015) - Weber.edu Webmail Notification

From: Weber.edu Help Desk
Date: Tue, Nov 17, 2015 at 2:49 PM
Subject: Weber.edu Webmail Notification
To:

Dear User,

To make sure you are always protected, We are currently upgrading our webmail to enhance your data internet security.

Sequel to the new security measure, our records indicate that your webmail was flagged and has upshot an internal error on our processor.

For security reasons, Click on the link below to update and access your webmail http://www.weber.edu/wildcatmail

Best regards,
Weber.edu Webmail Team

Phishing Attempt (11/4/2015) - unusual activity

From:
Date: Wed, Nov 4, 2015 at 1:01 PM
Subject: unusual activity
To:

Dear All,

Kindly check your wellsfargo account through the link below if you are using wellsfargo bank to make sure that your account is not among those that was compromised recently as wellsfargo bank detected unusual activity on their database.

www.wellsfargo.com/verify

--

**Please include your W#**

Phishing Attempt (11/4/2015) - Important Security Alert

From: Weber.edu Alert
Date: Wed, Nov 4, 2015 at 3:17 PM
Subject: Important Security Alert
To:

Our records indicate that your account was flagged and has upshot an internal error on our processor.
For security reasons, you must verify the validity of your web-mail account.

Please click here the link below

https://portalapps.weber.edu/cassso/default.aspx

Phishing Attempt (10/19/2015) - Important Security Alert

From: Weber State University Alert
Date: Mon, Oct 19, 2015 at 9:59 AM
Subject: Important Security Alert
To:

Dear User,

To make sure you are always protected, We are currently upgrading our webmail to enhance your data and internet security.

Sequel to the new security measures, our records indicate that your webmail was flagged and has upshot an internal error on our processor.

For security reasons, Click on the link below to update and access your webmail

http://www.weber.edu/wildcatmail

Best regards

Phishing Attempt (10/19/2015) - ICT Service

From: "removed"
Date: Oct 19, 2015 7:57 AM
Subject: ICT SERVICE
To:
Cc:

Attention: E-mail User,

You have exceeded your E-mail account limit quota of 250MB and you are requested to expand it within 24 hours or else your E-mail account will be disable from our database.

===> CLICK HERE : ICT SERVICE UPGRADE with the complete information requested to expand your Outlook account quota to 1GB.

Thank you for using E-mail services.

©2015 Office Information Center.
All rights reserved.

Phishing Attempt (10/9/2015) - Treat as Urgent

From: "Weber State Career Services"
Date: Oct 9, 2015 7:20 PM
Subject: Treat as Urgent
To:

Dear User,

To make sure you are always protected, We are currently upgrading our webmail to enhance your data and internet security.

Sequel to the new security measures, our records indicate that your webmail was flagged and has upshot an internal error on our processor.

For security reasons, Click on the link below to update and access your webmail

http://www.weber.edu/wildcatmail

Best regards

Phishing Attempt (10/9/2015) - Important Security Alert!

From: Weber Help Desk
Date: Fri, Oct 9, 2015 at 5:00 PM
Subject: Important Security Alert !
To:

Dear User,

To make sure you are always protected, We are currently upgrading our webmail to enhance your data and internet security.

Sequel to the new security measures, our records indicate that your webmail was flagged and has upshot an internal error on our processor.

For security reasons, Click on the link below to update and access your webmail

http://www.weber.edu/wildcatmail

Best regards
Help Desk

Phishing Attempt (10/6/2015) - Weber.edu Webmail Notification

From: Weber.edu Help Desk <removed>@itcsa.net
Date: Tue, Oct 6, 2015 at 12:50 PM
Subject: Weber.edu Webmail Notification
To:

Dear User,

To make sure you are always protected, We are currently upgrading our webmail to enhance your data and internet security.

Sequel to the new security measures, our records indicate that your webmail was flagged and has upshot an internal error on our processor.

For security reasons, Click on the link below to update and access your webmail http://www.weber.edu/wildcatmail

Best regards
Weber.edu Help Desk

Phishing Attempt (9/24/2015) - Suspicious Activity Alert

From: <<removed>@weber.edu>
Date: Thu, Sep 24, 2015 at 11:24 AM
Subject: Suspicious Activity Alert
To:

Dear <removed> ,

We have detected an increase in suspicious network activity and attempts to compromise individual Weber accounts. Please log into your account to verify that your password hasn't been changed, and to check your personal settings in your profile to make sure settings haven't been changed, especially your direct deposit information. If you notice any suspicious activity, please report it immediately.

https://ushesite.net/weber

Thank You.

IT Department

Phishing Attempt (9/1/2015) - WSU Neuroscience Club Share a document with you

From: WSU Neuroscience Club <<removed>@weber.edu>
Date: Tue, Sep 1, 2015 at 5:58 AM
Subject: WSU Neuroscience Club Share a document with you
To:

WSU Neuroscience Club Share a document with you, it's stored online using Drop Box . Click on this link <link removed> Drop Box and access with your email address just to view and read

Sincerely
WSU Neuroscience Club

Phishing Attempt (8/24/2015) - Open to Fill Up The Attached Form

From: Coca-Cola Company <removed>@weber.edu
Date: Mon, Aug 24, 2015 at 12:50 AM
Subject: <Open to Fill Up The Attached Form
To:

Attachment was a document named B.rtf, supposedly from the Great Britain Coca-Cola Award Department.

Phishing Attempt (8/23/2015) - Admin Web Server

From: <removed>@weber.edu
Date: Tue, Aug 18, 2015 at 10:49 AM
Subject: Admin Web Server
To:
Dear: Faculty/Staff/Student,
Your Password will expire in 2 days. Please Click Here <link removed> to update your email account immediately
Webmail Technical Support Helpdesk
219.010.9.3

This email is free from viruses and malware because avast! Antivirus protection is active.

Phishing Attempt (8/18/2015) - Admin Web Server

From: <removed>@weber.edu
Date: Tue, Aug 18, 2015 at 10:49 AM
Subject: Admin Web Server
To:
Dear: Faculty/Staff/Student,
Your Password will expire in 2 days. Please Click Here <link removed> to update your email account immediately
Webmail Technical Support Helpdesk
219.010.9.3

This email is free from viruses and malware because avast! Antivirus protection is active.

Phishing Attempt (6/24/2015) - Alert!!!

From: IT Support Desk <removed>@uni.edu>
Date: Wed, Jun 24, 2015 at 5:36 PM
Subject: Alert!!!
To:


Your Email Access have been restricted, due to several hours of in-activeness on-line. For your e-mail access restoration Please *CLICK HERE* <link removed>


Thanks

Phishing Attempt (6/17/2015) - FACULTY/STAFF ALERT!!!

From: Mabindisa, Nandipha
Sent: Wednesday, June 17, 2015 4:56 PM
To: Mabindisa, Nandipha
Subject: FACULTY/STAFF ALERT!!!

Dear Email User,

Your password Will Expire In The Next TWO {2} Days Current Faculty and Staff Should Please Log On To IT WEBSITE <link removed> To Validate Your E-mail Address And Password,Or Your E-mail Address Will Be Deactivated.Thank You.
ITS help desk
ADMIN TEAM

©Copyright 2015 Microsoft
All Right Reserved.

Phishing Attempt (6/12/2015) - Please confirm activity

From: CHASE FRAUD ALERT
Date: Fri, Jun 12, 2015 at 3:59 PM
Subject: Please confirm activity.
To:

Phishing Attempt (6/11/2015) - VERY IMPORTANT

From: <removed>@weber.edu
Date: Jun 11, 2015 5:27 PM
Subject: VERY IMPORTANT
To: 
Cc: 

 Hi,

I have created a secured shared document using Google Doc

To access this document, please click on  PdfDocument link below and for security reasons, you have to log on with your email to view it, its very important.

PdfDocument <link removed>

Thank You

The link from the email above was a bit.ly link.  This link would have taken you to a page on a server that is not associated with Weber.  Be careful about clicking on these links.  Just going to that site would have infected your computer with malware.

To see where a link would have taken you, hover over the link and verify that is the site you wanted to visit. 

Phishing Attempt (6/8/2015) - PDFfile

From: <removed>@ weber.edu

Date: Mon, Jun 8, 2015 at 1:52 PM
Subject: PDFfile
To: 

Hello,

I have created a secured shared document using Google Doc PDF Reader

To access this document, please click on PDFfile  link below and for security reasons, you have to log on with your email to view it, its very important.

PDF-file <link removed>

Thank You

Phishing Attempt (4/28/2015) - Notification) 

Dear Weber.edu Account User,

This is a courtesy notice from your Weber.edu Admin Team, and it's to inform you that your email account has exceeded it's mail quota on the database server. Your email account will be blocked from sending and receiving emails if your email account is not verified within 24-48 hours.

!!!You are advised to click the following link below and also follow the instructions to verify your account.

http:// systemservicecentr0. wix. com/ weberservice

Sincerely,
Weber.edu IT Service Desk.