Phish Bowl
A collection of scam emails and other suspicious communications.
From: Amazon <lcomber@pioneeringtech.com>
Date: Tue, Oct 30, 2018 at 6:19 PM
Subject: Amazon Account Suspened
From: Jane Pisasale via Adobe Document Cloud <noreply@acrobat.com>
Date: Tue, Oct 30, 2018 at 7:50 AM
Subject: Executed Contract
We continue to receive reports of emails that threaten to send videos of their victims to their contacts unless the victims send them hundreds of dollars in bitcoins within 48 hours.
From: Gregory Fletcher <Gregory.Fletcher@ocsarts.net>
Date: Mon, Oct 15, 2018 at 12:26 PM
Subject: Re: ACH payment
To:
From: Jana Doe <janadoe.brown.edu@gmail.com>
Date: Mon, Oct 15, 2018 at 8:10 AM
Subject:
From: Doug Thomson <blumilk8965@gmail.com>
Date: Fri, Sep 28, 2018 at 5:54 PM
Subject: Re: Meeting on Tuesday
Another scam hitting University phones to avoid: a robocall that warns your account has been suspended and you need to respond to the call for your account to be reactivated.
Beware of the latest phone scam from a caller asking for organizational information, claiming to be from HR and providing a Brown staff member name that does not match the phone number in the online directory.
Beware of calls that appear to be coming from the Chinese Consulate that leave a repeated message in Mandarin, from numbers such as +12122449399 and +12122448293 but also with various area codes and prefixes.
Your phone rings -- you glance at the caller ID and notice that the number looks similar to yours -- so you answer it assuming it's someone you know but haven't put in your contact list yet.
From: cmitten@atomicmachines.com <cmitten@atomicmachines.com>
Date: Thu, Aug 23, 2018 at 1:01 AM
Members of the Brown community continue to report having received a phishy message from BrightCrowd.
In this clever scam, the sender referenced an actual Dell order that had payment processing issues and provided the correct associated number.
From: BROWN UNIVERSITY HELP DESK [various @yahoo addresses] OR
MIDLAND COLLEGE HELP DESK stevemark695@yahoo.co.uk
In an interesting twist on ransomware, scammers are sending emails that claim malware has been downloaded to your computer after you visited a porn site, triggering a recording of you via your webcam watching the site
Last summer we posted a warning from the Internal Revenue Service (IRS) about various types of scams that may target taxpayers this summer, inc
Another variation on the "I need you to perform a quick task for me" phishing scam, whose hallmarks are: from a familiar name, a
It starts as an urgent pop-up warning -- like the one below -- that directs you to install the Advanced Battery Saver app from the Google Play Store.
From: Sandy Isenstadt <gg376ff1@gmail.com>
Date: Wed, Jun 20, 2018 at 12:27 PM
Subject: Confirm
From: David Walker <davidwalker0199@gmail.com>
Date: Mon, Jun 18, 2018 at 11:42 AM
Subject: Administrative Support
To:
Attn
From: Gauthier, Nancy <nancy.gauthier@ucdsb.on.ca>
Date: Wed, May 16, 2018 at 5:48 AM
Subject: IT System Support !!!
From: OPR Science <alam@atzplanet.com>
Subject: OPR Science For Check No: 32034219236
Date: May 15, 2018 at 9:48:57 AM EDT
From: Facebook <firstusacapital@gmail.com>
Date: Sat, May 5, 2018, 12:23 PM
Subject: Alert
This Microsoft/Google Chrome critical warning spotted today contains a few suspicious characteristics that should clue you in to avoid its request for your rapid response. How many can you find?
From: Microsoft Support <outlookwebserrvice060@utk.edu>
Date: Fri, Apr 27, 2018 at 4:40 AM
Subject: Important online activity review
From: Powell, Stephanie <LANGLEYS@ecu.edu>
Date: Tue, Apr 24, 2018, 18:24
Subject: You Have Been sent a File Using Dropbox
Beware a phish from the "IT_Support / IThelpdesk / IT Department" about a supposed "System Upgrade" that links you to the "new Office365 Lite." If you receive this email, do not respond to it nor click on the link.
Do you know how to spot a phony DocuSign request? The following email failed the first indicator of a real one: it did not have the unique security code at the bottom of the email.
The following solicitation from MedCraveOnline for submissions to their Sociology International Journal set off a few red flags (can you spot them?) and an inquiry into
From: Marco Martins <pc@dahnaylogix.com>
Date: Mon, Apr 2, 2018 at 8:13 AM
Subject: Southwire TET 307326383
Pages
If you received one and do not see it here, please forward it to PhishBowl@brown.edu (after stripping off any attachments) so that the phishing email can be added to the page.