Phish Bowl
A collection of scam emails and other suspicious communications.
This supposed job offer bears a striking resemblance to a phishing email reported early last year. Don't be fooled!
From: '21 RISING <21rising@brown.edu>
From: Carberry Josiah <josiahcarberry.brown@gmail.com>
Date: Fri, Aug 30, 2019 at 10:10 AM
Subject: Re: Quick request
The Internal Revenue Service (IRS) has issued a warning about a new email scam in which malicious cyber actors send unsolicited emails to taxpayers from fake IRS email addresses.
How many red flags can you find in the following email? Which emotional buttons did the sender try to push? What did the sender include in the message to try and convince you it's real?
From: Khelsea Singh <ksinghcarranza1@babson.edu>
Date: July 31, 2019 at 1:30:24 PM EDT
From: Juliane Blyth <juliane.blyth@my.com>
Date: Mon, Jul 29, 2019 at 8:34 AM
Subject: Urgently
From: Carly Kite Lapinski <executiviedirector9012@gmail.com>
Date: Wed, Jul 24, 2019 at 9:27 AM
Subject: Request
A classic phish was reported -- both helpful and threatening at the same time -- which alerts the recipient to "Automatically switch to the new mail settings to avoid account closure in 48hours".
BWell Health Promotion released the following notification today of an online health promotion course for all incoming undergraduate students, provided through a partnership with EverFi.
From: Meisel, Joseph <davidaustellcolumbiaedum@gmail.com>
Date: Sun, Jul 14, 2019 at 7:59 PM
Subject: quick task
From: Diane Lipscombe <diane.lipscombe32@gmail.com>
[ one of several addresses reported * ]
Subject: Re: URGENT REQUEST
Sometimes the bogus job offers arrive by email, other times they're sought out, but both promise opportunities that may only lead to frustration, loss of personal information and money (such as
Beware bogus calendar invites, targeting victims with malicious and unsolicited Google Calendar notifications.
Beware this attempt by Interactive Research Communications to collect information about your copiers or printers, which will become "leads" to sell to
No need for concern if you received an email announcing your access to LinkedIn Learning, which is part of the switch from Lynda.
Beware of an email supposedly from the "Office 365 Team", trying to capture your Microsoft credentials, which warns that due to an "unusual volume of file deletion" a "medium-severity alert has been triggered."
We have received a growing number of reports of the "Go through this papers" scam, which at first glance may appear to be from someone you know, but upon closer examination, is from an @gmail.com account rather than a
From: Brown University(Tech Support) <itechcenter@brown.edu>
Date: Tue, May 14, 2019 at 11:47 AM
A legitimate email sent to some members of the Brown community on Thursday was inadvertently tagged with a Google banner warning to "Be careful with this message", the result of an anti-phishing mechanism that was put
From: Orange Technology <orangecountytechnology@gmail.com>
Date: April 2, 2019 at 3:52:40 AM EDT
To: undisclosed-recipients:;
From: Yan Guo <yanguo055@gmail.com>
Subject: Re:
Date: April 1, 2019 at 9:14:13 AM EDT
While it may seem suspicious, this notification from Microsoft is actually the real thing.
From: Mary Peterson <erez.perelson@gmail.com>
Date: Thu, Mar 28, 2019 at 6:58 PM
Subject: [ 1st ] Recommendation..!!
From: Christina Paxson <cfooffice123@aol.com>
Date: Wed, Mar 27, 2019 at 12:22 PM
Subject: REQUEST
Purchasing has been alerted by a supplier of a Request for Quotation (RFQ) supposedly sent by Brown staff but is instead part of a known scam, which leads to the supplier shipping the merchandise, the business never r
From: Jewel Wehr <Hr_desk900@outlook.com>
Sent: Friday, March 8, 2019 12:31 AM
Subject: Personal Assistant Needed
After a couple of back-and-forth emails, starting with "Are you available?, this scammer gets down to the specifics of what they want and how to get it to them.
From: Aleisha Nisbet <acn38@uclive.ac.nz>
Date: Wed, Mar 6, 2019, 10:53
Subject: INTERNSHIP: Brown University
To: [ multiple @brown.edu addresses ]
Similar to the phishing email Prompt Response Required reported in mid-February, "Hello good day" from "Christiana Paxson" offers more than a few
Pages
If you received one and do not see it here, please forward it to PhishBowl@brown.edu (after stripping off any attachments) so that the phishing email can be added to the page.