Quick References

Actual Phishing Email Messages Sent to Cal Poly Users

BOGUS NOTICES RE: EMAIL ACCOUNT EXCEEDING STORAGE LIMITS

From: "Zachary J Herrmann" <non-calpoly.edu email address>
Sent: Friday, March 28, 2014 1:20:47 PM
Subject: Web Admin E-mail Notification

Web Admin E-mail Notification

Your mail quota has exceeded the set quota/limit and you are currently running On Low GB due to hidden files and folder on your mailbox.
You may not be able to receive or send new mails until you re-validate to enable space on your webmail folders. This could also be caused by not validating your webmail as advised previously.

If clicking does not work, copy and paste the URL below in a web browser to verify.

Kindly click or copy and paste the link <link to non-calpoly.edu site> on your browser to re-validate your account and to prevent it from been DE-activated from our webmail database.

Failure to validate your email, your webmail quota/limit may result in loss Of important information In your webmail and this will cause limited access to your own webmail account.

Sincerely Web Administrator.
Web-mail Customer Services 71594822 Copyright c 2014 E! Inc. (Co
Reg.No. 9589386G) All rights reserved.

----- Original Message -----
From: "Cal Poly" <invalidaddress@calpoly.edu>
To: invalidaddress@calpoly.edu
Sent: Wednesday, March 26, 2014 6:20:23 AM
Subject: Account Notification!

You have exceeded your webmail quota, Click on this link to
revalidate your webmail account.

<link to Web form hosted on non-calpoly.edu site displaying Cal Poly logo>

Thanks

----- Original Message -----
From: "Cal Poly" <non-calpoly.edu email address>
Sent: Thursday, March 20, 2014 4:20:52 PM
Subject: Attention Email User;
​​​
​Your mailbox has exceeded the storage limit, as defined by the administrator, and you will not be able to receive new messages until you re-validate your account.

To re validate - Copy or click here : <non-calpoly.edu Web form>

​Secured by Microsoft Internet Security and Acceleration Server
© 2014 Microsoft Corporation. All rights reserved​
​​​​

----Original Message-----
From: California Polytechnic Support <non-calpoly.edu address>

From:Sent: Monday, March 17, 2014 4:38:42 AM
Subject: Last Warning !!! Upgrade To Secure Your Email Account

You have reached the limit of your email quota, you will not be able to
send or receive new mail until you re-validate your mailbox size.

Click Here <link to bogus site>: to re-validate your account

Technical Support
192.168.0.153


From: "Administrator" <non-calpoly.edu address>
Sent: Sunday, March 16, 2014 9:19:52 PM
Subject: Important: SonicWALL Email Security Alert

----------------------------------------------------------------
~~ SonicWALL Email Security Alert (7.4.5.1439) ~~
---------------------------------------------------------------- 
[Summary: A flood has been noticed in your outbound mail activity.]

Details: 
    Description: Number of messages sent from your email ID has exceeded the limit set by your Administrator. Your machine may have been affected. Your outbound mail activity could be affected, if no action is taken, your email will be de-activated in the next 48hrs.

To protect your mailbox from de-activation, you are required to verify your email account. Kindly copy below verification link to your browser and you will be redirected to the verification page, login your email for verification. Thanks for your understanding; we solicit your prompt cooperation.

Verification Link:  http: <link to non-calpoly.edu webform>

Time Stamp: 
    Local Time: Mon Mar 17 01:55:02 2014
    GMT:        Sun Mar 16 20:25:02 2014


BOGUS CAL POLY PASSWORD UPDATE NOTICE

From: "Murphy, Jessica" <non-calpoly.edu email address>
Date: March 24, 2014 at 12:44:03 PM PDT
To: "info@mail.org"
Subject: Please Update Your Password
 
Mailbox Message!
 
Your password will expire in 3 Days Click on Staff and Faculty CLICK HERE <link to non-calpoly.edu Web form> to validate your e-mail.
 
ITS help desk
 
ADMIN TEAM

BOGUS CAL POLY SECURITY SUPPORT ALERT

From: Caroline Snell - MMS
Sent: Mon 3/24/2014 7:59 PM
To: Caroline Snell - MMS
Subject: Admin Help Desk 2014 (c)

This Message is From the Admin Help Desk. Due to our latest IP Security upgrades we have reason to believe that your E-mail account was accessed by a third party.

Protecting the security of your E-mail account is our primary concern; we have limited access to sensitive E-mail account features.

To resolve this issue you have to Re-validate your e-mail account. Failure to Re-validate your E-mail account as soon as you see this message will cause the deactivation of your E-mail account be warned.

Help Desk requires you to validated your email account by clicking HERE <link to secure non-calpoly.edu Web form>

Thank you for your cooperation.
Admin Help Desk 2014 ©


From: "Webmaster" <xxxxxx@gmail.com>
Sent: Tuesday, March 18, 2014 4:37:25 PM
Subject: cpSPAM Warning

This is an automatic message by the system to let you know that you have to confirm your account information. An Attempt has been made to login your account from a new computer, You might not be able to send or receive new mail until you re-validate your  mailbox .To re-validate your mailbox.-    CLICK HERE <link to non-calpoly.edu>

Information Technology
Help Desk


From: System Administrator [mailto:non-calpoly.edu address] 
Sent: Wednesday, March 19, 2014 3:37 AM
To: undisclosed-recipients:
Subject: Your email account is due for upgrade

Your email account is due for upgrade. 

We are currently upgrading our server to serve you better.

Kindly click the link below of copy and paste to your browser to upgrade your email account and avoid email suspension.  

http:<non-calpoly.edu link>

Thank you

Email Service provider.

BOGUS SECURITY NOTICE OF EMAIL ACCOUNT BEING TERMINATED

----- Original Message -----
From: "Your Email Account Will Be Terminated" <warning@calpoly.edu>
Sent: Tuesday, February 26, 2013 10:14:01 AM
Subject: FINAL WARNING

We've noticed some unusual activity in your calpoly.edu, To help protect you and everyone else, we've temporarily  blocked your account. To unblock it, verify your account. By clicking on the link below or copy and past the link on your web browser.

<link to non-calpoly.edu website>

Please you have to login for the verification of your acount.

Your email account will be terminated if you have not verified your email account.

Failure to do this your email account will be suspended fully.


From: "Cal Poly Webmail Service" <notifications@calpoly.edu>
Date: February 24, 2013, 4:16:28 PM PST
To: Recipients <notifications@calpoly.edu>
Subject: E-mail Security Alert!

portal_logo.png (150×41)

Access to your e-mail account is about to expired.

please Click here to restore access to your e-mail account.

We apologise for any inconvenience and appreciate your understanding.

Regards, Cal Poly Webmail Service.

BOGUS EMAIL SERVER UPGRADE NOTICES

----- Forwarded Message -----
From: "Admin" <xxx@gmail.com>
Sent: Monday, February 25, 2013 10:57:43 PM
Subject: re

This is to inform you that we are currently Running Upgrade on our email Server, we are deleting Accounts to create space for new ones. For this reason, all users are advise to confirm upgrade.

From: "Admin" <xxx@gmail.com>
Sent: Monday, February 25, 2013 10:50:30 PM
Subject: Hello!!

This is to inform you that we are currently running upgrade on our email server, we are deleting accounts to create space for new ones. For this reason, all users are advise to confirm upgrade.

Please  CLICK HERE
 
Thanks for your anticipated cooperation,

Webmaster Centre.

BOGUS EMAIL FRAUD SECURITY NOTICE

From: Webmail Technical Support [non-calpoly.edu address]
Sent: Tuesday, February 26, 2013 2:04 AM
To: undisclosed-recipients:
Subject: Re: Dear Account Owner


Dear Webmail Account Owner

A bug has shown in our database that an Attempt has been made to login to your mailbox from an unrecognized location in a new computer.For the security of your account, we are poised to open a query. This account is suspected to have been hijacked or use for spamming, for a proof of ownership and verification of ownership click on this link.

<link to a secure Google docs page>

Otherwise for security reasons we may have to close your account temporarily until our investigation is completed, during this period, you will not be able to login to your account, Please understand that this is a security measure intended to help protect you and your account.

We apologize for any inconvenience.

Thanks for your co-operation.
Fraud Prevention Unit
*******************
Webmail Technical Support
Copyright 2013. All Rights Reserved!
Terms and conditions Apply

BOGUS 'RETAIN YOUR CALPOLY.EDU ACCOUNT' MESSAGE

----- Forwarded Message -----
From: <actual Cal Poly user> <xxxxxxxx@calpoly.edu>
Sent: Monday, December 3, 2012 12:15:53 PM
Subject: If you want to retain your calpoly.edu account

It seems you have not received our notice.If you want to retain your calpoly.edu account you have to respond to this notice ,there would be a removal of all account that fail to upgrade his her account within three days after receiving this notice.You are to fill out below details or your
account will be suspended for security reasons.

Your calpoly.edu Login Email Address:
Your calpoly.edu Password:
Your date of birth:

Copyright ©calpoly.edu

BOGUS ANTI-VIRUS UPDATE MESSAGE

From: "Calpoly mail Administrator" <computerhelpdesk@noreply.com>
Sent: Wednesday, August 22, 2012 7:21:34 PM
Subject: Account Security Update

Dear Email Recipient,

Your e-mail needs to be updated with our F-Secure R-HTK4S new version anti-spam/anti-virus/anti-spy ware 2012.

All you need do is hit the link below and fill in the column and click Submit; Our online web mail Team will update your account. Failure to comply to this notice may lead to the suspension of your account from our services.

<link to non-calpoly.edu web form>

Thank you for your cooperation!

Regards,
Web mail Administrator
Case Number: 7650087 Property
Account Security
C2011-2012 All rights reserved

FAKE PORTAL EMAIL QUOTA PHISHING EMAIL

From: My.Calpoly.Edu.Portal@calpoly.edu
Date: August 22, 2012 2:56:32 PM PDT
To: (Recipient List Suppressed)
Subject: Final Warning!!!
Reply-To: My.Calpoly.Edu.Portal@calpoly.edu

Notice!!!

Click Here <link to non-calpoly.edu web form> To Retrieve Your Email Quota.

Thanks For Co-operating with Us.
copyright © 2012 California Polytechnic State University

GENERIC PHISHING EMAIL WITH CALPOLY SIGNATURE

Subject: Important Information About Your Webmail Account.
From: "CALPOLY.EDU WEBMAIL ADMIN HELPDESK" <NOREPLY@calpoly.edu>
To: undisclosed-recipients:;

CALPOLY.EDU WEBMAIL ADMIN HELPDESK

Your mailbox has exceeded the storage limit, which is 3GB, as indicated by your administrator, Your mailbox is currently running at 3.69GB, you may not be able to send or receive new messages until you re-validate your mailbox . To re-validate your mailbox, click on the link below and re-confirm your mailbox:

<non-calpoly.edu web link>

If the link above does not work, copy and paste the link below to your browser window.

http://calpolyupdate.webs.com/contact

Thanks,
@CALPOLY.EDU Webmail Update Team.
-------------------------------------------------------------------------
This information is directed in confidence solely to you, and may contain confidential information. This information may not otherwise be distributed, copied or disclosed. Thank you for your cooperation. CALPOLY.EDU Webmail Update Team @ 2012.

From: ZIMBRA HELPDESK <non-calpoly.edu email address >
Subject: Warning Code: EDU/08.08.12
To:

Kindly click link below and enter your details to Re-validate your email account.

<link to non-calpoly.edu site>

Regards.
Zimbra Email Service 2012.


From: "California Polytechnic State University" <phonyaddress@calpoly.edu>
Subject: Notice!!!

You have received a private message from your old friend who wished to get back in-touch with you. Please use the Cal Poly Private link below to login and view your message and possibly get in contact with your old friend.

<link to non-calpoly.edu website>

Sign,

<Potentially Real Name>
Cal Poly Info Centre
San Luis Obispo, California 93407
© 2012 California Polytechnic State University


From: "Calpoly Private" <realaddress@calpoly.edu>
Subject: Important Message

California Polytechnic State University
1 Grand Ave.
San Luis Obispo, CA 93407
805-756-1111

Deal All

Be informed that a private message have been sent to you by your old friend who wish to get back in-touch with you.
Please use the Calpoly private contact viewer to login and view the message from your old friend, and possibly contact him/her after logging in.

<https:// link to google doc>

You can also copy the above login link to your browser in order to login and view your private message.

Sign,
<Potentially Real Name>
Calpoly Info Centre
© 2012 California Polytechnic State University


From: Calpoly Private <realaddress@calpoly.edu>

To: <undisclosed-recipients:;>
Subject: Campus information

All latest information on has been posted on the new page

<shortened link to google docs>

Sign.
service desk


From: "California Polytechnic State University" <realaddress@calpoly.edu>
Subject: News update

You can now login to California Polytechnic State University webmail news forum and get the latest exciting information.use the database link

<link to google doc> to login for more info

Sign.
servicedesk
San Luis Obispo CA 93407
Tell:<real Cal Poly phone number>
California Polytechnic State University


From: California Polytechnic Web Team [mailto:realaddress@calpoly.edu]

To: undisclosed-recipients:
Subject: Dear CALPOLY User

Due to recent Phishing emails sent to CALPOLY Web Users,Your two incoming mails is on pending status as result of our urgent database upgrade Click, <link to google doc> to login in order to Protect your confidential information from future Phishing emails and await Helpdesk response,we apologies for any inconvenience and appreciate your understanding.

Signed,
Information Technology Service Desk
San Luis Obispo, California 93407
Phone:   <potentially real phone number>
E-mail: <realaddress@calpoly.edu>
© 2012 California Polytechnic State University


HELP DESK PHISHING EMAILS ASKING FOR USERNAME AND PASSWORD

From: "Help Desk" <non-calpoly.edu email address>
Subject: Attention Account User

Help Desk

Attention Account User,

Scheduled Maintenance & Upgrade

Your account is in the process of being upgraded to a newest of Windows-based servers and an enhanced online email interface inline with internet infrastructure Maintenance. The new servers will provide better anti-spam and anti-virus functions, along with IMAP Support for mobile devices that Support IMAP to enhance your usage.

To ensure that your account is not intermittently disrupted but active during and after this upgrade, you are required to kindly confirm your account by stating the details below:

* User name:
* Password:

This will prompt the upgrade of your account.

Failure to acknowledge receipt of this notification, might result to a temporal deactivation of your account from our database.

Your account shall remain active upon your confirmation of your login details.

We do apologize for any inconvenience caused.

Help Desk
Copyright 2012, All Rights Reserved.

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.


From: ZIMBRA WEB CLIENT [mailto:non-calpoly.edu email address]
To: undisclosed-recipients:
Subject: A MUST READ!!!

Dear .EDU Subscriber

This message is from Zimbra Internet Email Administrator IT Service to all our email account subscribers.
You are to provide to us with the below information to revalidate your accoun t due to mailbox capacity and to upgrade our messaging system.
As a Subscriber you are thereby advised to CLICK REPLY & send the below information:

User Name:
Password:
Confirm Your Password:
Alternative Email :

To avoid deleting your valid account from our DATA BASE, Please understand that we are doing this maintaince to create space for new subscribers.
Negligence of this Notification will result to closure of mailbox.

Thank you for using Zimbra.

Thank You.
IT Email Administrator
Warning Code :ID67565434


GENERIC PHISHING EMAIL WITH CALPOLY SIGNATURE

Reply-To: fakeaccount@yahoo.com
From: CALPOLY SUPPORT <compromisedaccount@someuniversity.edu>
To: "Your Title" <youraddress@calpoly.edu>
Subject: Verify Zimbra

Dear User,

To update your account,you are required to reply to this mail with your Username and password in the spaces provided below or your account will be terminated within the next 48hours.

Username:
Password:

CALPOLY WEBMAIL TECHNICAL SUPPORT.

Current Issue

Heartbleed Security Breach

Heartbleed

Security Tips

10 Best Pactices

Our 10 Best Pactices

Contact Us

Contact Information Security at 756-7000

Contacts

Did you know?

Stay Safe Online