The following emails are phishing attempts that have been reported by the Brown community. We advise that you do the following:
- If you received one and do not see it here, please forward it to PhishBowl@brown.edu (after stripping off any attachments) so that the phishing email can be added to the page.
- If you received the same email but from a different Brown address than shown, please forward it to us so that we can attend to the new compromise.
- If you received one already posted here, please report it as phishing to the Gmail team (from within the message, click on the down arrow to the right of the REPLY button and select "Report phishing") or simply delete it.
- More about phishing at brown.edu/go/phishing and What to do When You Spot a Phish.
- Please note that the Phish Bowl account is actively monitored during regular business hours and periodically at other times.
From: IRS.gov < jminie147 @hcc.edu >
Date: Thu, Jan 15, 2015 at 4:45 AM
Subject: E-file Record Validation
IRS/E-file Q&A Record Validation Act.
Update Your 2015 Tax Record Validation.
Proceed To The Following Link to Update your 2015 1098-T Tax Record
electronically,Is Easy and Secure.
Update IRS/E-file immediately, click here to - < Update >
For your protection, this link would expire in three hours
From: John Smith < john.smith @mail-irs.gov >
Sent: Tuesday, January 13, 2015 6:13 AM
To: xxxxxx @brown.edu
Subject: Your tax return was incorrectly filled out
Attention: Owner/ Manager
We would like to inform you that you have made mistakes while completing the last tax form application (ID: 929039369847) .
Please follow the advice of our tax specialists HERE
Please amend the mistakes and send the corrected tax return to your tax agent as soon as possible.
From: Ashley Everett < ashevere @gmail.com >
Date: Sat, Jan 10, 2015 at 6:49 AM
Subject: Required Documents.
Kindly OPEN to download the required documents needed.
Best, Ashley Everett
Policy and Research-The Newark Public Schools
Rutgers University- Honors College
Phi Alpha Theta-National History Honor Society
Alpha Kappa Alpha Sorority, Inc.- Gamma Zeta Chapter
От: < student.services @edmurals.com >
Тема: Private Student Loans – Now get Aid for Tuition, Food, Rent, Textbooks , Computers and More!
Дата: 12 января 2015 г., 15:00:27 GMT-05:00
* THIS EMAIL CONTAINS VALUABLE INFORMATION FOR STUDENTS
The Private Student Loan Network is the premiere destination for
thousands of Students trying to meet the rising costs of education.
* You can compare all large Student Lenders under one roof.
* You get simplified expert insights, advice and guidance.
* Till you don't sign the actual documents, you are under ZERO obligations.
Step 1 will take under 5 minutes. To start, simply click below NOW!
Ed Murals | Campus Outreach Program Coordinator
Suite 41-43, 735 Blake Street, Denver, CO 80205
We respect your privacy. We do not send out more than 1 email
every 6 months. Please hit Reply with "Unsubscribe Me"
in the Subject field if you wish to do so.
Proudly sent via Promail
Several reports of the "DHL Package Arrived" email this afternoon.
Two variations with slighlty different subject lines on a phishing email reported on 11/14/2014.
From: Dawn Hart < dawn.hart @reedleycollege.edu >
Date: Wed, Jan 7, 2015 at 9:36 AM
Subject: RE: Faculty & Staff Outlook Confirmation
To: Dawn Hart < dawn.hart @reedleycollege.edu >
Dear mailbox user,
We currently upgraded to 4GB space. Please log-in to your account in order to validate
E-space. Your emails won't be delivered by our server, unless email account is confirmed.
Click on faculty and staff email confirmation to confirm details of your email account.
Note that failure to confirm your email with this notification, would lead to dismissal of your
user account. Protecting your email account is our primary concern.
This has become necessary to serve you better.
Copyright ©2014 IT Help Desk....
From: Berchard Suber < berchard.suber @rosemont.edu >
Date: January 6, 2015 9:50:11 AM EST
To: Berchard Suber < berchard.suber @rosemont.edu >
Subject: RE: Faculty staff and student email notification !
Dear mailbox user,
We currently upgraded to 4GB space. Please log-in to the outlook web app portal with the required informations in order to validate
E-space and to activate the new offline access. Your emails won't be delivered by our server, unless email account is upgraded to the 2015 web app.
Click here on faculty staff and student email portal to upgrade details of your email account.
Note that failure to upgrade your email with this notification, would lead to dismissal of your user account.
Protecting your email account is our primary concern.
This has become necessary to serve you better.
IT Help Desk....
© 2015 Microsoft Corporation. All rights reserved.
From: Kristin Bishop < kristin.bishop @fiu.edu >
Date: Fri, Jan 2, 2015 at 1:08 PM
Subject: Kristin Bishop doc#987654
DOCUMENTS FOR YOU
Compliment of the season !!
I need you to go through this uploaded files, Due to the size i have zipped and compressed it making it accessible via google secure folders.
For immediate access click Access Files Here just sign in with your email, This files are very important.
Let me know what you think.
Kristin Bishop, Asst. Professor
(From the Admin: This is a long time and on-going scam, which attacks small, targeted groups of emails. It is also an example of "social engineering", as a dialogue usually is created before the money is sent.)
From: P. Senthil Kumar < senthilngri @yahoo.com >
Sent: Wednesday, December 17, 2014 1:49 AM
To: senthilngri @yahoo.com
Subject: Help please
Hope all is well with you, am out of town I travel to Turkey for a short vacation , I have a little problem here my ATM card didn't work here... I tried about 5 different ATM booths no money was dispensed. am stranded here I don't have any money with me. I need you to wire me 20 00 Euro or whatever amount if not all via western Union I'll refund back your money immediately I get back next week.
Let me know if you can help me out.
Hope to hear from you soon
A variation on an earlier alert: same subject but new content and sender.
From: Gmail Account < xxxx_xxxxxx @brown.edu >
Date: Tuesday, December 23, 2014
Subject: Your account will be SHUTDOWN
Your email account *********@gmail.com is due for upgrade!
Upgrade Your Account
You are required to validate your details within 24 hours of this notice and we'll help you take corrective actions.
You are receiving this notification for every newly generated Google Account Activity Report. Change reminder settings
Though this particular phishing email has not been spotted here at Brown, it is mentioned here because it has made the rounds at other universities. A typical email would include content such as:
This letter is to confirm our decision to our staffs
that some of us has been terminated in duties as a result of
going against the ethics and standard of the institution
according to the information's gathered over time, we advise
all the affected to please bear with us, these listed staffs
are relief of their duties until further clarifications.
Should in case you identify your full names, department,
email, appointment date/title, current position, ID
number/phone number. Please await our next mail for further
required procedures. Please find the attached and download to
Thank you and best regards.
<signature line with name and office of the institution's president>
An alert for a similar email has been posted on the Virginia Commonwealth University website. How many things can you find suspicious about either one?