Phish Bowl

Beware of the latest phone scam reported at Brown that warns the recipient that their iCloud account has been breached, but is just phishing for personal information that could be possibly be used for identity theft.

The following phishing email was reported with two different but similar subjects -- Security Notice From Chase Online ID: RBNMgQlHXP and Activity Alert: Secure Your Bank Account Token ID: 6FgHDCpxFe -- both sent by

From: Virgin Pulse <no-reply@virginpulse.com>
Date: Wed, Oct 30, 2019 at 10:04 AM
Subject: Join Brown University's wellbeing program.

Spot the phishing clues in this email, supposedly from President Paxson. What is there about it that might lead someone to respond?

From: Lucy Bryan <pudge9111999@mail.com> OR <tinainseattle@gmail.com>
Date: Mon, Oct 21, 2019, 9:02 PM

Don't get spooked by the three exclamation points in the subject line, but do get wise to the phishiness of bad grammar and suspicious URL provided (directing you to http://tags.my/upda

Another phish spotted on campus.  What gives this one away?

From: Michael Cloy <michaelcloy01@gmail.com>
Date: Sat, Sep 28, 2019 at 13:41
Subject: JOB FOR STUDENT

From: brown.edu <shnogh.lori@mta.gov.am>
Date: Thu, 26th Sep 2019
Subject: help@brown.edu : Password Reset.

From: david magret <davidmagret2020@gmail.com>
Date: Tue, Sep 24, 2019 at 8:06 PM
Subject: Payroll Clerk.....
To:

Multiple sightings of the "Hello. Are you available?" phishing email have been reported, usually bearing a professor's name but with a bogus @gmail.com address.

Can you spot the signs of this recently reported email being a phish (even though you can't see from this example that none of the links has a brown.edu address)?

At least 2 users have received a large number of emails with subjects that begin "confirm nnnnn...", which appear to be confirmation messages for joining lists.

If you received a suspicious email from NavyFederal that looks like its coming from a Brown address, DON'T panic, but DO mark it as spam.

This supposed job offer bears a striking resemblance to a phishing email reported early last year. Don't be fooled!

From: '21 RISING <21rising@brown.edu>

From: Carberry Josiah <josiahcarberry.brown@gmail.com>
Date: Fri, Aug 30, 2019 at 10:10 AM
Subject: Re: Quick request

The Internal Revenue Service (IRS) has issued a warning about a new email scam in which malicious cyber actors send unsolicited emails to taxpayers from fake IRS email addresses.

How many red flags can you find in the following email? Which emotional buttons did the sender try to push? What did the sender include in the message to try and convince you it's real? 

From: Khelsea Singh <ksinghcarranza1@babson.edu>
Date: July 31, 2019 at 1:30:24 PM EDT

From: Juliane Blyth <juliane.blyth@my.com>
Date: Mon, Jul 29, 2019 at 8:34 AM
Subject: Urgently

From: Carly Kite Lapinski <executiviedirector9012@gmail.com>
Date: Wed, Jul 24, 2019 at 9:27 AM
Subject: Request

A classic phish was reported -- both helpful and threatening at the same time -- which alerts the recipient to "Automatically switch to the new mail settings to avoid account closure in 48hours".

BWell Health Promotion released the following notification today of an online health promotion course for all incoming undergraduate students, provided through a partnership with EverFi.

From: Meisel, Joseph <davidaustellcolumbiaedum@gmail.com>
Date: Sun, Jul 14, 2019 at 7:59 PM
Subject: quick task

From: Diane Lipscombe <diane.lipscombe32@gmail.com>
[ one of several addresses reported * ]
Subject: Re: URGENT REQUEST

Sometimes the bogus job offers arrive by email, other times they're sought out, but both promise opportunities that may only lead to frustration, loss of personal information and money (such as

Beware bogus calendar invites, targeting victims with malicious and unsolicited Google Calendar notifications.

Beware this attempt by Interactive Research Communications to collect information about your copiers or printers, which will become  "leads" to sell to

No need for concern if you received an email announcing your access to LinkedIn Learning, which is part of the switch from Lynda.