When scams are brought to the attention of the Information Security Office, we pass the information along to the community. http://security.tennessee.edu/ Supposedly from the UTK.EDU Support Team, yet another canned phishing attempt requests that users send information such as their "Fiest Name" along with their username and password to ensure their account is not deleted. http://security.tennessee.edu/RSS/spam/reconfirm.shtml Mon, 14 Jul 2008 06:53:00 EST Supposedly from the Web Support Team, yet another canned phishing attempt requests that users send their username and password to ensure their account is verified. http://security.tennessee.edu/RSS/spam/dear.shtml Fri, 27 Jun 2008 14:49:00 EST Supposedly from a "verification desk", this not-completely-modified canned phishing attempt requests that users send their username and password to ensure their account is verified. http://security.tennessee.edu/RSS/spam/feature.shtml Tues, 24 Jun 2008 15:01:00 EST Supposedly from the IRS, claims the recipient is due a refund and must visit a website which asks for personal information to receive the funds. http://security.tennessee.edu/RSS/spam/refund2.shtml Mon, 23 Jun 2008 08:10:00 EST This is a modification of a targeted phishing attack on the CS department last month. It claims that the recipient must respond with their password to ensure their account doesn't get deactivated. http://security.tennessee.edu/RSS/spam/up-grade.shtml Tue, 27 May 2008 13:18:00 EST This is a resurgance of the "Verify..." phishing attempts. They've given it a new subject line but it's the same scam, even down to the same "warning code". http://security.tennessee.edu/RSS/spam/important-notice.shtml Tue, 27 May 2008 10:13:00 EST Now the fourth variant of an earlier scam, claims the recipient must reply with their username and password or their UTK email account will be deleted. http://security.tennessee.edu/RSS/spam/verify4.shtml Tue, 27 May 2008 07:52:00 EST Supposedly from EPPICard, claims the recipient needs to verify their card online to prevent identity theft. http://security.tennessee.edu/RSS/spam/eppicard.shtml Tues, 20 May 2008 10:00:00 EST Supposedly from "BELLNET", claims the recipient must respond with a surname and password to prevent their account from being closed. http://security.tennessee.edu/RSS/spam/notification.shtml Thurs, 15 May 2008 9:27:00 EST Supposedly from an unknown lottery agency, claims the recipient has won and must respond to claim their winnings. http://security.tennessee.edu/RSS/spam/lottery.shtml Tues, 13 May 2008 16:55:00 EST Yet another variant of an earlier scam, claims the recipient must reply with their username and password or their email account will be suspended. http://security.tennessee.edu/RSS/spam/verify3.shtml Fri, 09 May 2008 10:26:00 EST We're now up to the seventh reported variant of an earlier scam, claims the recipient must reply with their username and password or their UTK email account will be deactivated. http://security.tennessee.edu/RSS/spam/confirm7.shtml Thur, 08 May 2008 11:13:00 EST Supposedly from the Internal Revinue Service, claims the recipient is due a refund and must enter personal inforamtion such a SSN and Credit Card number to receive the refund. http://security.tennessee.edu/RSS/spam/refund.shtml Mon, 21 Apr 2008 11:40:00 EST Supposedly from the Computer Science department, claims the recipient must reply with their CS username and password. http://security.tennessee.edu/RSS/spam/upgrade.shtml Tue, 15 Apr 2008 16:02:00 EST Supposedly from "UTK.EDU", claims we're updating our website and need you to reply with your username and password. http://security.tennessee.edu/RSS/spam/reply.shtml Tue, 08 Apr 2008 08:49:00 EST Supposedly from Home Federal Bank, claims the recipient's account has been disabled and that they must call the listed (long-distance) number to reactivate the account. http://security.tennessee.edu/RSS/spam/homefederal.shtml Mon, 31 Mar 2008 10:35:00 EST Supposedly from BancorpSouth, claims they have brought a new web-based portal online to enhance security and that all customers must sign on to update their account information. http://security.tennessee.edu/RSS/spam/bancorp.shtml Mon, 31 Mar 2008 10:22:00 EST A variant of an earlier scam, supposedly from the UK National Lottery, claims the recipient has won and needs to send email to a Hotmail account with demographic information to claim their winnings. http://security.tennessee.edu/RSS/spam/uklottery2.shtml Mon, 31 Mar 2008 10:00:00 EST We're up to the sixth reported variant of an earlier scam, claims the recipient must reply with their username and password or their UTK email account will be deactivated. http://security.tennessee.edu/RSS/spam/confirm6.shtml Fri, 28 Mar 2008 12:33:00 EST Now the fifth reported variant of an earlier scam, claims the recipient must reply with their username and password or their UTK email account will be suspended. http://security.tennessee.edu/RSS/spam/confirm5.shtml Tues, 25 Mar 2008 11:14:00 EST Supposedly from the UK Lottery Headquarters, claims the recipient has won the UK lottery and must send personal information to the coordinator to receive payment. http://security.tennessee.edu/RSS/spam/uklottery.shtml Mon, 24 Mar 2008 09:36:00 EST Supposedly from a textbook reprinting service, invites the recipient to provide non-sensitive data to have out-of-print textbooks reprinted. It is assumed this the first step in a multiple-step phishing campaign. http://security.tennessee.edu/RSS/spam/reprint.shtml Thurs, 20 Mar 2008 15:42:00 EST An interesting take on the oldie but goldie Nigerian Scam, claims the sender has won some money but needs the recipient's help to claim it. This scam is unique in that it includes a calendar invitation that automatically is added to the recipient's calendar if they are using a compatible client. See the link for more information. http://security.tennessee.edu/RSS/spam/invitation.shtml Thurs, 20 Mar 2008 15:07:00 EST Supposedly from Wachovia, claims a problem with their server room requires customers to validate personal information. http://security.tennessee.edu/RSS/spam/wachovia.shtml Thurs, 13 Mar 2008 17:09:00 EST Supposedly from CitiBank, advertises a new security feature that customers must sign up for. http://security.tennessee.edu/RSS/spam/citibank.shtml Mon, 10 Mar 2008 10:25:00 EST Yet another variant of an earlier scam, claims the recipient must reply with their username and password or their UTK email account will be suspended. http://security.tennessee.edu/RSS/spam/verify2.shtml Fri, 29 Feb 2008 09:04:00 EST Supposedly from Knoxville Post Office Credit Union, claims the recipient must call a toll-free number to reactivate or confirm their debit or credit card to prevent fraud. http://security.tennessee.edu/RSS/spam/kpocu.shtml Thurs, 28 Feb 2008 10:37:00 EST A variant of an earlier scam, Supposedly from the US Internal Revenue Service, claims the recipient is entitiled to a refund. http://security.tennessee.edu/RSS/spam/irs.shtml Tues, 26 Feb 2008 11:29:00 EST Another variant of an earlier scam. Supposedly from central support, claims the recipient must reply with their password. http://security.tennessee.edu/RSS/spam/confirm4.shtml Tue, 19 Feb 2008 09:06:00 EST Supposedly from Yahoo and/or MSN, claims the recipient has won the Yahoo MSN Lottery http://security.tennessee.edu/RSS/spam/congratulations.shtml Fri, 15 Feb 2008 09:14:00 EST Supposedly from VISA, claims the recipient must call a toll free number to "unlock" their VISA account. This scam is unique in that it does not ask the recipient to reply via email, but call a toll free number. It is sophisticated enough to mimic an authentic call-in service including verifying the credit card number given is a valid number (it must be a valid Luhn algorithm number). If you or someone you know has called the number in this or similar scams, see our Unauthorized Access FAQ for information on getting a free credit report and/or a Fraud Alert placed on your account. http://security.tennessee.edu/RSS/spam/urgent-notification.shtml Wed, 13 Feb 2008 15:48:00 EST A variant of an earlier scam. Supposedly from the UK National Lottery, claims the recipient has won. This variant is unique in that the messages are sent "from" UTK addresses. http://security.tennessee.edu/RSS/spam/final-notices.shtml Mon, 11 Feb 2008 08:53:00 EST Another variant of an earlier scam. Supposedly from central support, claims the recipient must reply with their password. http://security.tennessee.edu/RSS/spam/confirm3.shtml Wed, 6 Feb 2008 09:10:00 EST Supposedly from JPMorgan Chase Bank, claims the recipient must login to a website and confirm their Chase account information. http://security.tennessee.edu/RSS/spam/chase.shtml Thurs, 31 Jan 2008 13:44:00 EST A variant of an earlier scam,supposedly from central support, claims the recipient must respond with their password. http://security.tennessee.edu/RSS/spam/confirm2.shtml Thurs, 31 Jan 2008 13:44:00 EST Supposedly from the US Internal Revenue Service, claims the recipient is entitiled to a refund. http://security.tennessee.edu/RSS/spam/irs-refund.shtml Thur, 31 Jan 2008 08:53:00 EST Supposedly from the UK Lottery Commission, claims the recipient has won. http://security.tennessee.edu/RSS/spam/winning-notification.shtml Tues, 29 Jan 2008 13:30:00 EST Supposedly from the Navy Federal Credit Union, claims the recipient must reactivate their VISA debit card. http://security.tennessee.edu/RSS/spam/navy-fcu.shtml Tues, 29 Jan 2008 13:40:00 EST Supposedly from the National Lottery Board, claims the recipient has won. http://security.tennessee.edu/RSS/spam/goodnews.shtml Tues, 29 Jan 2008 13:50:00 EST Supposedly from the HelpDesk, claims the recipient must respond with their password. http://security.tennessee.edu/RSS/spam/confirm.shtml Tues, 29 Jan 2008 14:00:00 EST Supposedly from the HelpDesk, claims the recipient must respond with username and password or their account will be deactivated. http://security.tennessee.edu/RSS/spam/verify.shtml Tues, 29 Jan 2008 14:10:00 EST