Phish Bowl
A collection of scam emails and other suspicious communications.
From: New Faxmessage <newfax@internationaltowers.com>
Date: Thu, Jan 14, 2021 at 5:12 PM
Subject: Fax Mail
From: Brown <auth.go77339@mailteam.com>
Date: Wed, Jan 13, 2021 at 9:55 AM
Subject: Brown Mailbox Quota warning
From: ResourceFinder <sam@resource-finders.com>
Date: Tue, Jan 12, 2021 at 4:03 PM
Subject: RE: Stimulus Approval Notice
From: Mary Catherine Weller <MCWeller@msn.com>
Date: Tue, Jan 12, 2021 at 7:47 PM
Subject: FAVOR????????
To:
LastPass sent out the following legitimate email to staff this morning. You can read more about LastPass in the CIS Knowledgebase article Introdu
From: Kelly Williams <info@williamskelly.com>
Date: Mon, Dec 28, 2020 at 4:01 PM
Subject: RE: Approval Notice
From: It Helpdesk (via Google Drive) <ithelpdesk802@gmail.com>
Date: Tue, Dec 15, 2020 at 12:22 PM
Subject: Adjunct Evaluation (2).docx
From: Tracy Steffes <headchair093@gmail.com>
Date: Sat, Dec 12, 2020 at 11:16 AM
Subject:
From: Michael Band <info@bandmichael.com>
Date: Sat, Dec 12, 2020 at 2:07 PM
Subject: RE: Your Grant Application
The Rhode Island Education Operations Center has received reports of an alleged RI Dept. of Health (RIDOH) contact tracer soliciting the Social Security Number of a COVID-positive student.
From: Kelly Williams <info@williamskelly.com> or Michael Band <info@bandmichael.com>
In this variation on the research assistant job scam, notice that the sender's address looks real (though the address does not actually exist), but when responding, you would be directed to the Reply-To address
From: Kevin McLaughlin OR Andrew G Campbell OR Christina H Paxson <newpaid2@icloud.com>
Date: Mon, Nov 30, 2020 at 3:11 PM
The Rhode Island Department of Health (RIDOH) has begun texting test results to those enrolled in the routine COVID-19 testing program, which is in addition to the messages already sent from RIDOH through Verily and t
This job solicitation email includes three tell-tale signs of being a scam: it claims to be from a Brown professor but uses a random Gmail address; asks for personal details (why is a cell phone # needed?); and includ
We have added an example of this legitimate notification from University Human Resources (UHR) since receiving some questions about its authenticity.
This straight-to-the-point threat from "Cybercriminals" is more hollow that heinous, and is similar to a strain of "malware sextortion" that was prevalent in 2018.
Passing along this warning sent to the post-doc communty about a type of scam that has continued to find victims, including recently among the Brown postdoc community.
From: Thomas Serre <weicui.umass@gmail.com>
Date: Sun, Nov 8, 2020 at 9:03 PM
Subject: Urgent request
From: "IT Edu (via Google Drive)" <itedu540@gmail.com> or ITS Service Desk (via Google Drive) <itsservhelp1010@gmail
We have received questions about an email from UnitedHealthcare StudentResources, due to the suspicious shortened link provided (directing recipients to a page beginning with sales.cmail19.com).
From: jeff ross <jeff.ross0110@gmail.com>
Date: Tue, Nov 3, 2020 at 2:19 AM
Subject: CMR
To:
Hey,
From: Larry Larson <hallgway50@gmail.com>
Date: Mon, Nov 2, 2020 at 4:05 PM
Subject: Work [ also a version with "Request" as Subject ]
From: PWNHealth Clinical Support <covid19@pwnhealth.com>
Date: October 30, 2020 at 1:00:53 PM EDT
From: Amanda Baile <executivedirector7784@gmail.com>
Date: Thu, Oct 29, 2020 at 7:36 AM
Subject: Task
Beware the texting variation on the "Are you available?" phishing scam, with both currently being reported to the Phish Bowl.
From: Chair Department <division.chairdepartment@my.com>
Sent: Monday, October 26, 2020 11:48 AM
Some members of the Brown community have reported the following notification from the bulk email list service, which generated the email as the result of the individuals having been added to the list
If you are an Apple Device Enrollment Partner or receive communications from or about device enrollments, watch out for phishing attempts like the following that impersonates an Apple partner notification.
This bill notification, supposedly from Norton 360, provides a good opportunity to hone your detective skills by identifying "what's wrong with this picture?" If this email had arrived in your Inbox, what would tip yo
Pages
If you received one and do not see it here, please forward it to PhishBowl@brown.edu (after stripping off any attachments) so that the phishing email can be added to the page.