Phish Bowl

From: Mychal Grenawalt <mychalgrenawalt @sbcglobal.net>
Date: Tue, Jan 9, 2018 at 9:10 AM
Subject: Document
To:

From: PayPal Support <paypal @server.sanvil.cc>
Date: Sun, Nov 26, 2017 at 7:28 AM
Subject: Due to suspicious activity, your account has been temporarily locked.

From: OPR Science <agnes.oeschger @bluewin.ch>
Subject: Invoice #46117035/DEF#GXYOM/2017 (04 Dec 17)
Date: December 4, 2017 at 7:15:10 AM EST
To: Josiah_Carberry @brown.edu

From: Jay Calhoun <checkinganna @gmail.com>
Date: Wed, Nov 29, 2017 at 11:09 AM
Subject: Hello Josiah.
To: Josiah_Carberry @brown.edu

From: bursar_billing@brown.edu
Date: Thu, Nov 9, 2017 at 4:02 PM
Subject: Brown University Student Account Activity Notice

From: ITS service  <hotmstr @vanderbilt.edu>
Date: Sun, Nov 19, 2017 at 9:27 AM
Subject: Brown Information Technology
To: [ Brown email addresses ]

From: Shantala Contara <orydeya @ua.fm>
Date: Thu, Nov 16, 2017 at 6:21 AM
Subject: Invoice due, number 8611729/QK#HWZR/2017 (16 Nov 17)
To: [ Brown email address ]

Dear ,

We have received questions about this email from UnitedHealthCare Student Resources, which is a legitimate notification from them.

Beware of requests to immediately wire funds that arrive through suspicious emails that are full of grammatical errors and typos, have a mismatch on the sender's name and email address, and stress urgency.

A phishing email reported today with the classic tell-tale signs: missing recipient address, threat if no action taken quickly, grammar errors, from "IT Service Desk S

Netflix subscribers are being targeted with a well-executed phishing email telling them their account has been suspended and trying to get their login information and credit card data.

From: stunned hacker <hackerstunned @gmail.com>
Date: Wed, Oct 18, 2017 at 9:09 PM
Subject: hello
To: [ Brown email addresses ]

From: Gmaili+ Update Security [mailto:67293 @cag.edu.gt] 
Sent: Wednesday, October 18, 2017 12:30 PM
Subject: Avoid being locked out of your mail

[Inline image 1]

From: <GoogleAccount @server06.accounttsupport.com>
Date: Thu, Oct 12, 2017 at 6:43 AM
Subject: Upgrade Your Mail Box [Brown email address] To Continue Using Your Email

Occasional military recruiters will send email solicitations to Brown students, such as the following example. These are legitimate and allowed by law.

From: Admin Support <savannah.brosius @wsu.edu>
Date: Thu, Sep 21, 2017 at 3:02 PM
Subject: Please Verify
To: [ Brown address ]

From: LASHANDA D. SANTIAGO <Lashanda.Santiago @eskenazihealth.edu>
Date: Thu, Sep 21, 2017 at 9:48 AM
Subject: RE: Hr management Announcements (Microsoft Warning Alert)

Stay alert for phony wire transfer requests which surface at Brown periodically, usually targeting individuals who work in financial or senior level offices.

From: Outlook Web App <threefasthounds @centurylink.net>
Date: Wed, Sep 20, 2017 at 8:41 AM
Subject: IT Help Desk !
To: 

Important information from Outlook Web App Security Service.

From: AppIe <blarand@sodamixerz.com>
Subject: We noticed unusual activity from your account
Date: September 17, 2017 at 1:58:38 AM EDT

From: dave.rainville @ricoh-usa.com <donotreply @iofficecorp.com>
Date: Thu, Sep 14, 2017 at 5:48 AM
Subject: Asset Meter Reads
To: [ Brown email address ]

From: AppIe <vipinted @xertiamon.com>
Subject: Your AppIe ID Information has been disabled
Date: September 10, 2017 at 5:00:28 PM EDT
To: [Brown email address]

Dear Customer, 

From:
G_Apps Administrator <67161 @cag.edu.gt> OR
GAdmin Security <56861 @cag.edu.gt> OR

US-CERT* warns everyone to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Harvey.

From: <andi540724@aol.com>
Date: Aug 25, 2017 1:34 PM
Subject: Review Project #Lot 42422
To: 
Cc: 

Beware of unsolicited job offers with vague promises as they could be a job scam trying to get your personal information as well as your money.

There have been several reports of emails from "aSuggestion", a service that allows the anonymous sharing of ideas with designated organizations (a kind of anonymous sugg

From: Lauren Miller <eren.arslan @web.de>
Subject: Please pay your invoice with id number: 1378343
Date: July 24, 2017 at 2:43:16 PM EDT
To:  < Brown address >

Good Day ,

An offer for free materials to add to your web page may seem like a good deal and an opportunity to do help someone out, but it might not add any value and instead direct your visitors to a location they may find conf

The "Tutor Scam", now in circulation at Brown, is an example of targeted social engineering that tries to establish a relationship and gain your trust, often leading to check scams.