Signed Document Scam (6/6/17)

Here is a straightforward scam. Please be sure to hover your cursor over links before clicking on them. If you don’t recognize the link or sender, delete it!

From: <Tony.Stark@StarkEnterprise.com>
Date: Tue, Jun 6, 2017 at 10:09 AM
Subject:
To: furyn@shield.edu

 

You have a document waiting from:

Tony Stark

Please sign the below Document

Finance_report_first_quarter_2017

 

Comments Off on Signed Document Scam (6/6/17)

Helpdesk 6/7/2017

The following scam attempts to trick its victims into clicking on a link. Notice the generic language, unknown sender’s address, and the masked URL, all of which are tell tale signs of a scam. If you received this email, then please ignore and delete it.
____________________________________

Date: June 6, 2017 at 8:57:50 PM EDT
Subject: HelpDesk

This message was sent securely using ZixCorp.
Your e-mail account was LOGIN today by Unknown IP address, click on the Administrator link below to validate your e-mail account or your account will be temporary block for sending more messages.

Click Below:
(malicious link removed)

Comments Off on Helpdesk 6/7/2017

Gossip scam (6/6/17)

The following scam attempts to trick its victims into clicking on a link. Notice the generic language, unknown sender’s address, and the masked URL, all of which are tell tale signs of a scam. If you received this email, then please ignore and delete it.

____________________________________

What was Jane talking about this morning?
1 message

Donna.XXXX@couponalerts.us <Donna.XXXX@xxxxxalerts.us> Tue, Jun 6, 2017 at 10:37 AM
To: xxxxxxx@vcu.edu

I know you wasn’t at the meeting, but did you see the presentation…

SlideShow

Financial

Comments Off on Gossip scam (6/6/17)

External Scam (5/31/17)

There are some days where it seems like the evil phisher-people are not even trying. This is a straightforward scam in which they are looking to see if you will respond so they know you have an active mail account. Once the response is received, they will really ramp up the spam mail. Delete, and move on. Nothing to see here. There is NO important information waiting on the other end.

 

From:Evil.Hacker [mailto:edbaddude@evilcorp.it]
Sent: Tuesday, May 30, 2017 10:45 PM
Subject: [EXTERNAL]

I’m Ms Betty Alexandre of the International Bank Credit Analyst, I have important information to relate with you, contact me via:easyphish@protonmail.com

Comments Off on External Scam (5/31/17)

Question Scam (5/31/17)

Emails similar to the one below commonly come across the wire here at VCU. Typically, they are a targeted attack that focuses on researchers or high level educators. This particular email was sent unsolicited and had the attachment (removed). Often, when an attachment is included, it can be previewed through most mail apps. However, there are times when malicious scripts are embedded into the attachment, and they will launch upon download and opening the files.
Please delete and do not respond to these types of emails. If you do not have a working relationship with the sender, they should not be sending you unsolicited emails with their “work.”
From: bokhan victar [mailto:l337spam@yandex.by]
Sent: Wednesday, May 31, 2017 1:33 PM
To: vicniceguy@vcu.edu
Subject: question

Hello. I have an article on philosophy. I’ve already posted it (and get a
code DOI) in German. Now I want to “mark” the position expressed in the
article in English (in Scopus). Subject to my mind a very hot. I’m looking
collaborator for a new (based on current) article. Can you give me some
contact potential partners, which I could show my article?
DOI 10.12851/EESJ201410C06ART04

Attachments area
Comments Off on Question Scam (5/31/17)

Package Scam (5/25/17)

The following scam attempts to trick its victims into clicking on a malicious link. Notice the generic language and unknown sender; both are tell-tale signs of a scam. Please do not click and delete this message if you received it.

________________________________________________________

From XXXX@advanced-xxxx.info

Subject: Package

Hi,

A package was delivered to us by mistake… I think

I opened the box and noticed your name on the invoice… Coming up the summer I thought it may be personal or work related

We are just down the road by the McDonald’s. I can drop it off for you if you like.

I took a picture of your invoice, but can’t make out the name. I can clearly see your email address though.

Click here to see the picture

Comments Off on Package Scam (5/25/17)

Facebook login scam (5/25/17)

The following scam attempts to trick its victim into clicking on a malicious link. Notice the unknown sender and the lack of a URL for the login link; both are tell tale signs of a scam. Please ignore and delete this message if you received it.

_______________________________________________________

From:xxxxxxx@xxxxxxxxelay.us
Date: May 25, 2017, 10:57 AM -0400
To:
Subject: Did you attempt to log into my facebook by accident?

Was this you …..?

We have detected an unauthorized login attempt. 10 or more incorrect passwords in a row were attempted. Please log int to veify any changes.

111.1111.3.152:80/InvalidAttempt

Comments Off on Facebook login scam (5/25/17)

Procurement Scam (5/24/17)

The following scam attempts to trick its victims into downloading and opening a malicious attachment. Note the non-VCU sender’s address and generic language; both of which are tell-tale signs of a scam. Please delete this message if you received it.

___________________________________________

From: “Abbas A.Rasool” <imports.xxxxxxx@gmail.com>
To:
Cc:
Bcc:
Date: Sun, 21 May 2017 10:20:29 -0700
Subject: PO #34890 (DUBAI)
Dear Sir,

Good day

Regarding the mentioned PO, kindly confirm your receipt and approval of our order, and please update us with your delivery schedule.

Thank you in anticipation and for your usual cooperation.

Best Regards
Abbas A.Rasool
Procurement Department

P.O. Box 32440, Road:4903, Block:949, Bldg:164, East Riffa
T : (971) 17702700, Ext: 237 | F : (971) 17700054 | M : (971) 37770083-(971) 36688756

This communication is intended for the above named person and is confidential and / or legally privileged. Any opinion(s) expressed in this communication are not necessarily those of Wires International. If it has come to you in error you must take no action based upon it, nor must you print it, copy it, forward it, or show it to anyone. Please delete and destroy the e-mail and any attachments and inform the sender immediately. Thank you.

Wires International is not responsible for the political, religious, racial or partisan opinion in any correspondence conducted by its domain users. Therefore, any such opinion expressed, whether explicitly or implicitly, in any said correspondence is not to be interpreted as that of Wires International.

Wires International may monitor all incoming and outgoing e-mails and it has taken steps to ensure that e-mails and attachments are free from any virus, we advise that, in keeping with best business practice, the recipient must ensure they are actually virus free.

Comments Off on Procurement Scam (5/24/17)

New Event Notification Scam (5/24/17)

The following scam attempts to trick you into clicking on a malicious link. Notice the non-vcu.edu email address and generic message; all of which are tell tale signs of a scam. Please delete this message if you received it.

___________________________________________________

From: <Amanda@businessdesc.info>
Date: Wed, May 24, 2017 at 10:20 AM
Subject: New Event Notification
To:

Event Change Notification

Event 2017 has changed. Please review the changes.

Change Notification

Comments Off on New Event Notification Scam (5/24/17)

Hi Scam (5/22/17)

This and similar styled emails have been hitting VCU more and more recently. In this email we see an unsolicited email with a generic “observation” that has been uploaded to Dropbox. The link itself was posted in full and doesn’t even go to Dropbox. Not only is this a poor phishing attempt, but it is extremely easy to avoid. Delete it and do not forward it if you receive it.
From: <SBSteve@evil.com>
Date: Fri, May 19, 2017 at 7:39 PM
Subject: Hi
To: goodguygreg@vcu.edu
I have uploaded an important observation using Drop Box. Please Copy the below link to open Document You’ll be prompted to login. I would be contacting you for further review later in the day.
http://evilbadstuff.com.au/ist/drive/index.html
Comments Off on Hi Scam (5/22/17)