From: Inga Leverett < leverett @oakland.edu >
Date: Wed, Nov 26, 2014 at 1:33 PM
From: Brown University < xxxxx_xxxx @brown.edu>
Date: Fri, Nov 21, 2014 at 3:46 PM
Subject: Message From Brown Information Security: Your email account has been compromised
From: Franklin, Natalie R < natalie.r.franklin @vanderbilt.edu >
Date: Mon, Nov 17, 2014 at 10:51 AM
Subject: RE: Help Desk Important Notification !
From: IRS.gov < xxxxx_xxxx @brown.edu >
Date: Sun, Nov 16, 2014 at 6:27 PM
Your Revenue Record Shows You Are Still Yet To Validate.
From: WEBMASTER < xxxxx_xxxx @brown.edu >
Date: Sun, Nov 16, 2014 at 7:09 PM
Subject: Re-Validate Your School Mail Box
Re-Validate- < Click Here>>
From: "IRS.gov" < xxxxx_xxxx @brown.edu >
Date: Nov 16, 2014 5:53 PM
Subject: Identity protection
The following email from Citizens Bank was reported. Follow-up with them confirmed that it was NOT phishing, but rather, a notification sent in error and can be disregarded.
From: Ritchie, Mark < m_ritchie3 @fanshawec.ca >
Date: Fri, Nov 14, 2014 at 9:02 AM
Subject: Faculty and Staff email notification
To: "Ritchie, Mark" < m_ritchie3 @fanshawec.ca >
If you receive the following phishing email, you can report it to Apple at email@example.com.
From: Email Account Team < admin @amlakshemshad.ir >
Date: Wed, Nov 12, 2014 at 2:39 AM
Subject: OUR FINAL ACCOUNT NOTICE!!!
To: help @brown.edu
Your mailbox is almost full.
This is being sent using a variety of invoices numbers.
From: < billing.address.updates @adp.com >
Date: Wed, Nov 12, 2014 at 11:38 AM
Subject: ADP Past Due Invoice#97818840
Multiple students have inquired about this email. The good news for the recipients is, it is quite real.
From: Message Admin < martin.smith @essex.org.uk >
Date: Mon, Nov 10, 2014 at 8:42 AM
Subject: Voice Message #0913700893
To: xxxxx @brown.edu
Voice redirected message
From: xxx_xxxx @brown.edu
Date: Sun, Nov 9, 2014 at 11:29 PM
See the attached for your perusal.
[ NEFT TRANSFER#20003#.htm ]
From: IRS.gov 2014 < gduranramirez498 @hcc.edu >
Date: Fri, Nov 7, 2014 at 7:28 PM <
The following email was reported as suspected phishing. It is, however, a legitimate email inadvertently sent as part of a security update to the Salesforce application (used with Workday).
Some members of the Brown community have sent inquiries about emails sent from NoReply @brown.edu about Workday transactions.
Be on the alert for tech support calls from an "Antivirus Company", which attempt to persuade victims to install products such as "Team Viewer" (a remote desktop tool) to remotely scan your computer.
Some members of the Biomedical community have sent inquiries regarding the legitimacy of the following email introducing the Henry Stewart Talks trial at Brown.
From: Hasan Koyuncu < hasan.koyuncu @csb.gov.tr >
Subject: YNT: Your Mailbox Is Almost Ful
Date: October 28, 2014 at 8:36:42 AM EDT
To: Hasan Koyuncu < hasan.koyuncu @csb.gov.tr >
From: Paypal < support @paypl.com >
Date: Wed, Oct 22, 2014 at 2:40 PM
Subject: Your Account Will Be Limited
To: help < help @brown.edu >
From: "TAYLOR, Gary (Atlanta)"< gary.taylor @exide.com >
Date: Oct 15, 2014 8:17 AM
Subject: IT HelpDesk
From: < geesres @absamail.co.za > or < boris.carvajal @electrohuila.com.co > or < pablo_c @etercor.com.ar >
Date: Thu, Oct 9, 2014 at 5:17 PM
From: Painter, Joan < JPainter @tustin.k12.ca.us >
Date: Wed, Oct 8, 2014 at 8:09 AM
Subject: RE: Your password
To: "Painter, Joan"
From: IRS.gov < xxxx @brown.edu >
Date: Tue, Oct 7, 2014 at 10:52 AM
The following is more like spam than phishing, but due to receiving multiple reports, it has been included in the Phish Bowl. Should you received this or something similar, mark it as spam to alert Google.
From: Xxxx, Xxxx < xxxx @brown.edu >
Date: Sun, Sep 28, 2014 at 11:07 AM
Subject: CONFIDENTIAL DOCUMENT
From: BROWN.EDU < xxx_xxxxxx @brown.edu >
Date: Wed, Oct 1, 2014 at 9:11 AM
Re-Validate- < Click Here>>
From: BROWN.EDU @irs.gov or IRS.gov < from various Brown addresses >
Date: Tue, Oct 7, 2014 at 10:12 AM
Subject: Tax Revenue Record
In addition to phishing emails, ISG has been hearing reports of scams coming via the telephone (sometimes called "vishing" for voice phishing).