Phish Bowl
A collection of scam emails and other suspicious communications.
From: <DoNotReply@loyaltygateway.com>
Date: Tue, May 26, 2020 at 1:02 AM
Subject: Your Order Confirmation
From: <brianthom2020@gmail.com> or <harrisbrian581@gmail.com>
Date: Mon, May 25, 2020 at 10:00 AM
The following is an example of a Critical Review survey, sent to Brown students for each course that was eligible for review, and is the first year this process went digital.
---
The following are a couple of examples of notifications sent through HireRight, who has partnered with Brown University to conduct background verifications.
From: Christina Hull Paxson <islandmuse@twc.com>
Date: Mon, May 18, 2020 at 12:02 PM
Subject: Urgent!
From: Ryan Welter <ryannwilliamss211@gmail.com>
Date: Wed, May 13, 2020 at 1:00 PM
Subject: URGENT: Data Analyst Needed ASAP!
To:
From: Trevor Culhane <owens0101@gmail.com>
Date: Mon, May 11, 2020 at 5:43 PM
Subject: BROWN HIRING
To:
From: Takao Watanabe <watanabet851@gmail.com>
Date: Wed, May 6, 2020 at 3:20 PM
Subject:
From: Lisa Gartrell <lisa32ul@gmail.com>
Date: Thu, Apr 30, 2020 at 12:29 PM
Subject: BROWN REMOTE PART-TIME JOB OFFER
Hypothectically, if you received the following email exchange, at what point might you become suspicious that not everything is as it seems?
Ever wonder what might happen if you responded to a phishing email, such as the one reported last week from CoreStaff Services?
From: Josephine Carberry (via Google Drive) <sdcg.six@gmail.com>
Date: Wed, Apr 22, 2020 at 4:43 PM
Subject: Faculty Evaluation.pdf
A carefully constructed phishing email is now in circulation at Brown, looking like a legitimate notification from the IT Service Center but is actually just a clever ploy to get your username, password and "Brown Ema
From: Larry Larson <lawrence.larson.brown@gmail.com>
Date: Mon, Apr 20, 2020 at 12:54 PM
Subject: Immediate Attention!
From: Marion Wasser <wasserm226@gmail.com>
Date: Fri, Apr 17, 2020 at 5:45 PM
Subject: BROWN STUDENT REMOTE PART TIME JOB OFFER
The following four addresses were reported over the last three days -- more variations on the impersonator phishing scam.
As we approach the traditional tax season, be on the lookout for phishing emails about adjustments to your pay and tax announcements, such as the following example.
From: Victoria Christensen <vaicuong1996@gmail.com> [ or <hilescmnmary@gmail.com> ]
Our increased dependency on technology during this period of self-isolation, especially our heavy reliance on Zoom, has not been overlooked by cyber criminals.
From: Elliott Parker <variantaustin47@gmail.com>
Date: March 31, 2020 at 1:10:14 PM EDT
One of the newest Coronavirus-related phishing emails spoofs a hospital notification that warns of exposure to COVID-19 through contact with a "colleague/friend/family member", directing the recipient to download an a
From: Chair Department <chair.of.department@my.com>
Date: March 28, 2020 at 11:52:01 AM EDT
This phish sent to URI alums combines the lure of a topical subject, the veneer of being "official", and the promise of money during an uncertain time, wrapped in an opportunity to provide humanitarian assistance.
The COVID-19 virus is being used in phishing attacks to lure victims looking for information about the pandemic -- don't fall for it!
Impersonator emails, from a familiar name but a phony email address, are being reported with growing frequency, with subject lines of "Quick recovery", "Urgent request", "Urgent hi [your name]", and now "CHECK FAST!!!
Robocalls of a female voice (possibly speaking Mandarin) with a musical background have been reported, calling from 1-646-173-0844.
From: pliscinsky@bridgeportedu.net
Date: Tue, Mar 17, 2020 at 7:55 PM
Subject: Re: NEW from Choices: Civil War and the Meaning of Liberty
The following is an example of two common phishing emails: "impostor email" (looks like someone you many know but has a phony email address) and a job scam (usually an offer a bit too good to be true).
A malicious website pretending to be Johns Hopkins live map of the global spreading of COVID-19 cases is circulating on the web, waiting for unsuspecting viewers of the website (corona-virus-map[dot]com), according to
We remind you that during media intense events like the Coronavirus outbreak (COVID-19), cyber attackers are taking advantage of the situat
Pages
If you received one and do not see it here, please forward it to PhishBowl@brown.edu (after stripping off any attachments) so that the phishing email can be added to the page.