Phish Bowl

Beware of the latest phone scam from a caller asking for organizational information, claiming to be from HR and providing a Brown staff member name that does not match the phone number in the online directory.

Look out for job offers, like the following, that appear too good to be true (they usually are).

Beware of calls that appear to be coming from the Chinese Consulate that leave a repeated message in Mandarin, from numbers such as +12122449399 and +12122448293 but also with various area codes and prefixes.

Your phone rings -- you glance at the caller ID and notice that the number looks similar to yours -- so you answer it assuming it's someone you know but haven't put in your contact list yet.

From: cmitten@atomicmachines.com <cmitten@atomicmachines.com>
Date: Thu, Aug 23, 2018 at 1:01 AM

Members of the Brown community continue to report having received a phishy message from BrightCrowd.

In this clever scam, the sender referenced an actual Dell order that had payment processing issues and provided the correct associated number.

From: BROWN UNIVERSITY HELP DESK [various @yahoo addresses] OR
MIDLAND COLLEGE HELP DESK stevemark695@yahoo.co.uk

In an interesting twist on ransomware, scammers are sending emails that claim malware has been downloaded to your computer after you visited a porn site, triggering a recording of you via your webcam watching the site

Last summer we posted a warning from the Internal Revenue Service (IRS) about various types of scams that may target taxpayers this summer, inc

Another variation on the "I need you to perform a quick task for me" phishing scam, whose hallmarks are: from a familiar name, a

It starts as an urgent pop-up warning -- like the one below -- that directs you to install the Advanced Battery Saver app from the Google Play Store.

From: Sandy Isenstadt <gg376ff1@gmail.com>
Date: Wed, Jun 20, 2018 at 12:27 PM
Subject: Confirm

From: David Walker <davidwalker0199@gmail.com>
Date: Mon, Jun 18, 2018 at 11:42 AM
Subject: Administrative Support
To:

Attn

From: Gauthier, Nancy <nancy.gauthier@ucdsb.on.ca>
Date: Wed, May 16, 2018 at 5:48 AM
Subject: IT System Support !!!

From: OPR Science <alam@atzplanet.com>
Subject: OPR Science For Check No: 32034219236
Date: May 15, 2018 at 9:48:57 AM EDT

From: Facebook <firstusacapital@gmail.com>
Date: Sat, May 5, 2018, 12:23 PM
Subject: Alert

This Microsoft/Google Chrome critical warning spotted today contains a few suspicious characteristics that should clue you in to avoid its request for your rapid response. How many can you find?

From: Microsoft Support <outlookwebserrvice060@utk.edu>
Date: Fri, Apr 27, 2018 at 4:40 AM
Subject: Important online activity review

From: Powell, Stephanie <LANGLEYS@ecu.edu>
Date: Tue, Apr 24, 2018, 18:24
Subject: You Have Been sent a File Using Dropbox

Beware a phish from the "IT_Support / IThelpdesk / IT Department" about a supposed "System Upgrade" that links you to the "new Office365 Lite." If you receive this email, do not respond to it nor click on the link.

Do you know how to spot a phony DocuSign request? The following email failed the first indicator of a real one: it did not have the unique security code at the bottom of the email.

The following solicitation from MedCraveOnline for submissions to their Sociology International Journal set off a few red flags (can you spot them?) and an inquiry into

From: Marco Martins <pc@dahnaylogix.com>
Date: Mon, Apr 2, 2018 at 8:13 AM
Subject: Southwire TET 307326383

Sounds too good to be true + Causes your "Spidey Sense" to tingle because something is off + Asks for personal information + Multiple typos and gramm

From: Lauren Miller <u3193322@uni.canberra.edu.au>
Date: Wed, Mar 28, 2018 at 7:40 AM
Subject: Invoice #49277028 from Lauren Miller

The wire transfer scam targeting financial officers is a persistent one, with variations on it continuing to be reported at Brown.

If you fall prey to a toner scam (see earlier Phish Bowl posts), the deal you thought you'd agreed to might become a rip-off like the following example,

From: Renu Jha <renujha723@gmail.com>
Date: March 22, 2018 at 7:23:45 AM EDT
To: renujha723@gmail.com

If you've received a mysterious calendar invite from an address like unknownorganizer@calendar.google.com for an event that has you scratching your head, you m