Phish Bowl

A collection of scam emails and other suspicious communications.

rss feed

Phishing Email (on campus)

From: Paul Cooke <>
Date: Thu, Feb 15, 2018 at 6:55 PM
Subject: Open invoices

Posted: 02/16/2018 - 11:21am
Phishing Email (on campus)

From: Jacqueline T Newman <JTNEWMAN>
Date: Wed, Feb 14, 2018 at 3:19 PM
Subject: Alert

Posted: 02/14/2018 - 3:36pm
Phishing Email (on campus)

Be on alert for a scammer posing as Brown's Student Health Insurance carrier. Several students have reported these calls, which originate from a Canadian-based number.

Posted: 02/14/2018 - 2:53pm
Phishing Email (on campus)


From: James Parker <jamespaker4325>
Date: Mon, Feb 5, 2018 at 11:41 AM
Subject: .

Posted: 02/05/2018 - 12:06pm
Phishing Email (on campus)

While this email does not contain any links or attachments, it does entice its reader with a polite job offer if you provide a personal email address.

Posted: 01/22/2018 - 10:17am
Phishing Email (on campus)

Beware of emails offering to share documents via "Docsign" (and not "DocuSign") from and related domains. The following are two examples of recent reports of these phishing emails.

Posted: 01/11/2018 - 10:19pm
Phishing Email (on campus)

From: Denise Reese <dreese>
Date: Thu, Jan 11, 2018 at 12:13 PM
Subject: New Document: Doc #229640.pdf

Denise V. Reese Sent you a Document "Doc #229640.pdf".

Posted: 01/11/2018 - 1:21pm
Phishing Email (on campus)

One of items in the phishing scammer's toolkit is the ability to spoof email addresses, making it easy to take the name in your account -- and sometimes the @brownedu address as well -- and to place it in the From fie

Posted: 01/10/2018 - 2:30pm
Phishing Email (on campus)

Watch out for employment scams like the following, which specifically prey on college students.

Posted: 01/09/2018 - 10:00am
Phishing Email (on campus)

From: Mychal Grenawalt <mychalgrenawalt>
Date: Tue, Jan 9, 2018 at 9:10 AM
Subject: Document

Posted: 01/09/2018 - 9:39am
Phishing Email (on campus)

From: PayPal Support <paypal>
Date: Sun, Nov 26, 2017 at 7:28 AM
Subject: Due to suspicious activity, your account has been temporarily locked.

Posted: 12/07/2017 - 10:19am
Phishing Email (on campus)

From: OPR Science <agnes.oeschger>
Subject: Invoice #46117035/DEF#GXYOM/2017 (04 Dec 17)
Date: December 4, 2017 at 7:15:10 AM EST
To: Josiah_Carberry

Posted: 12/04/2017 - 1:11pm
Phishing Email (on campus)

From: Jay Calhoun <checkinganna>
Date: Wed, Nov 29, 2017 at 11:09 AM
Subject: Hello Josiah.
To: Josiah_Carberry

Posted: 11/29/2017 - 11:40am
Legitimate Email

Date: Thu, Nov 9, 2017 at 4:02 PM
Subject: Brown University Student Account Activity Notice

Posted: 11/20/2017 - 8:21am
Phishing Email (on campus)

From: ITS service  <hotmstr>
Date: Sun, Nov 19, 2017 at 9:27 AM
Subject: Brown Information Technology
To: [ Brown email addresses ]

Posted: 11/19/2017 - 1:17pm
Phishing Email (on campus)

From: Shantala Contara <orydeya>
Date: Thu, Nov 16, 2017 at 6:21 AM
Subject: Invoice due, number 8611729/QK#HWZR/2017 (16 Nov 17)
To: [ Brown email address ]

Dear ,

Posted: 11/16/2017 - 8:40am
Legitimate Email

We have received questions about this email from UnitedHealthCare Student Resources, which is a legitimate notification from them.

Posted: 11/13/2017 - 2:50pm
Phishing Email (on campus)

Beware of requests to immediately wire funds that arrive through suspicious emails that are full of grammatical errors and typos, have a mismatch on the sender's name and email address, and stress urgency.

Posted: 11/13/2017 - 12:50pm
Phishing Email (on campus)

A phishing email reported today with the classic tell-tale signs: missing recipient address, threat if no action taken quickly, grammar errors, from "IT Service Desk S

Posted: 11/10/2017 - 12:57pm
Phishing Email (in the wild)

Netflix subscribers are being targeted with a well-executed phishing email telling them their account has been suspended and trying to get their login information and credit card data.

Posted: 11/07/2017 - 1:40pm
Phishing Email (on campus)

From: stunned hacker <hackerstunned>
Date: Wed, Oct 18, 2017 at 9:09 PM
Subject: hello
To: [ Brown email addresses ]

Posted: 10/18/2017 - 3:43pm
Phishing Email (on campus)

From: Gmaili+ Update Security [mailto:67293] 
Sent: Wednesday, October 18, 2017 12:30 PM
Subject: Avoid being locked out of your mail

[Inline image 1]

Posted: 10/18/2017 - 1:23pm
Phishing Email (on campus)

From: <GoogleAccount>
Date: Thu, Oct 12, 2017 at 6:43 AM
Subject: Upgrade Your Mail Box [Brown email address] To Continue Using Your Email

Posted: 10/12/2017 - 8:41am
Legitimate Email

Occasional military recruiters will send email solicitations to Brown students, such as the following example. These are legitimate and allowed by law.

Posted: 09/29/2017 - 12:54pm
Phishing Email (on campus)

From: Admin Support <savannah.brosius>
Date: Thu, Sep 21, 2017 at 3:02 PM
Subject: Please Verify
To: [ Brown address ]

Posted: 09/27/2017 - 12:10pm
Phishing Email (on campus)

From: LASHANDA D. SANTIAGO <Lashanda.Santiago>
Date: Thu, Sep 21, 2017 at 9:48 AM
Subject: RE: Hr management Announcements (Microsoft Warning Alert)

Posted: 09/21/2017 - 1:48pm
Phishing Email (on campus)

Stay alert for phony wire transfer requests which surface at Brown periodically, usually targeting individuals who work in financial or senior level offices.

Posted: 09/20/2017 - 9:05pm
Phishing Email (on campus)

From: Outlook Web App <threefasthounds>
Date: Wed, Sep 20, 2017 at 8:41 AM
Subject: IT Help Desk !

Important information from Outlook Web App Security Service.

Posted: 09/20/2017 - 9:04am
Phishing Email (on campus)

From: AppIe <>
Subject: We noticed unusual activity from your account
Date: September 17, 2017 at 1:58:38 AM EDT

Posted: 09/18/2017 - 9:23am
Phishing Email (on campus)

From: dave.rainville <donotreply>
Date: Thu, Sep 14, 2017 at 5:48 AM
Subject: Asset Meter Reads
To: [ Brown email address ]

Posted: 09/14/2017 - 8:45am