Phish Bowl
A collection of scam emails and other suspicious communications.
From: Outlook Web App <threefasthounds @centurylink.net>
Date: Wed, Sep 20, 2017 at 8:41 AM
Subject: IT Help Desk !
To:
Important information from Outlook Web App Security Service.
From: AppIe <blarand@sodamixerz.com>
Subject: We noticed unusual activity from your account
Date: September 17, 2017 at 1:58:38 AM EDT
From: dave.rainville @ricoh-usa.com <donotreply @iofficecorp.com>
Date: Thu, Sep 14, 2017 at 5:48 AM
Subject: Asset Meter Reads
To: [ Brown email address ]
From: AppIe <vipinted @xertiamon.com>
Subject: Your AppIe ID Information has been disabled
Date: September 10, 2017 at 5:00:28 PM EDT
To: [Brown email address]
Dear Customer,
From:
G_Apps Administrator <67161 @cag.edu.gt> OR
GAdmin Security <56861 @cag.edu.gt> OR
US-CERT* warns everyone to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Harvey.
From: <andi540724@aol.com>
Date: Aug 25, 2017 1:34 PM
Subject: Review Project #Lot 42422
To:
Cc:
Beware of unsolicited job offers with vague promises as they could be a job scam trying to get your personal information as well as your money.
There have been several reports of emails from "aSuggestion", a service that allows the anonymous sharing of ideas with designated organizations (a kind of anonymous sugg
From: Lauren Miller <eren.arslan @web.de>
Subject: Please pay your invoice with id number: 1378343
Date: July 24, 2017 at 2:43:16 PM EDT
To: < Brown address >
Good Day ,
An offer for free materials to add to your web page may seem like a good deal and an opportunity to do help someone out, but it might not add any value and instead direct your visitors to a location they may find conf
The "Tutor Scam", now in circulation at Brown, is an example of targeted social engineering that tries to establish a relationship and gain your trust, often leading to check scams.
The Internal Revenue Service (IRS) warns of various types of scams that may target taxpayers this summer, including robocalls, demands for immediate payment, and threats to have taxpayers arrested immediately.
From: G+Security Team 2017 <colvinn @wyomingps.org>
Date: 2017-06-27 11:55 GMT-04:00
Subject: Avoid the closure of your mail account,
To:
From: "Email Help" <newsletter @emailhelpreview.com>
Date: June 25, 2017 at 3:54:07 PM EDT
To < Brown address>
Subject: Activate Your Google Gsuite Account
From: -noreply <jech7be @hps21.org> OR Mail Update2017 <branniba @miamioh.edu>
Date: 2017-06-23 12:01 GMT-04:00
Subject: Failure to update your account will lead to closure
From: Rougeau, Janis K <JROUGEAU @houstonisd.org>
Date: Thu, Jun 15, 2017 at 11:33 AM
Subject: Faulty\Staff
To: "Rougeau, Janis K" <JROUGEAU @houstonisd.org>
From: G+@-Notice <abbottet @miamioh.edu>
Date: 2017-06-09 13:35 GMT-04:00
Subject: Important update notice to prevent account closure
To:
From: Library Services - Brown Library <libraryservices @kocaeli.edu.tr>
Date: Wed, Jun 7, 2017 at 6:03 PM
Subject: Library Account
To: [ Brown address ]
Dear Library Member,
From: IT Department <itdepartment @university.com>
Date: Tue, May 23, 2017 at 4:58 PM
Subject: Change of Staff Mail
To: Josiah_Carberry @ brown.edu
This scam email poses as an alert that someone else may have logged into your device when it's trying to gather personal information instead.
The digital signing service DocuSign reported that they'd been hacked by an unnamed third-party, who got access to email addresses of its users, which in turn were used to phish others.
From: Kane, Agnes <agnes_kane @brown.edu>
Date: Mon, May 15, 2017 at 1:14 PM
Subject: Documents
To: BMETRAINERS@listserv.brown.edu
Beware email that looks like it is was sent by Brown's Alumni Assocation, but is actually from an "unofficial alumni network" organized through Trimian.com.
We have received a report of an email, supposedly sent by President Paxson, requesting that the recipient post transactions for the sender.
We are aware of a widespread scam of what appear to be Google Drive sharing notices. See the end of this posting for an example screenshot.
From: Ali Fardan <rasalinvestmentauthority @gmail.com>
To: <ithelp @brown.edu>
Subject: Purchase Order
Date: Tue, 2nd May 2017 2:17am
DEAR SIR,
In this phishing scheme, scammers send emails impersonating LinkedIn, to try luring you to a fake website where you would download your CV.
From: Jane Kristin Helgesen <jane-kristin.helgesen @sarpsborg.com>
Date: Mon, Apr 24, 2017 at 8:30 AM
Subject: RE: IT DEPARTMENT
This phishing email attempts to lure you with the sender name of "Prudential Financial", and a file link that includes your name.
Pages
If you received one and do not see it here, please forward it to PhishBowl@brown.edu (after stripping off any attachments) so that the phishing email can be added to the page.