Phish Bowl

The following emails are phishing attempts that have been reported by the Brown community. We advise that you do the following:

  • If you received one and do not see it here, please forward it to PhishBowl@brown.edu (after stripping off any attachments) so that the phishing email can be added to the page.
  • If you received the same email but from a different Brown address than shown, please forward it to us so that we can attend to the new compromise.
  • If you received one already posted here, please report it as phishing to the Gmail team (from within the message, click on the down arrow to the right of the REPLY button and select "Report phishing") or simply delete it.
  • More about phishing at brown.edu/go/phishing and What to do When You Spot a Phish.
  • Please note that the Phish Bowl account is actively monitored during regular business hours and periodically at other times.
Phishing Alert
Nov 21, 2014 - 3:56 pm

From: Brown University < kimberly_meilun @brown.edu>
Date: Fri, Nov 21, 2014 at 3:46 PM
Subject: Message From Brown Information Security: Your email account has been compromised
To:

Dear Brown User,

Attention you have almost exceeded your account mailbox storage quota.
To update or upgrade this process click the link below. Please *Click Here*

Webmaster Support
************************** 

Phishing Alert
Nov 17, 2014 - 11:02 am

From: Franklin, Natalie R < natalie.r.franklin @vanderbilt.edu >
Date: Mon, Nov 17, 2014 at 10:51 AM
Subject: RE: Help Desk Important Notification ‏‏‏!
To: "Franklin, Natalie R" < natalie.r.franklin @vanderbilt.edu >

Dear Webmail User;
Due to the strengthening our security system and improving your mailing experience, We have detected your mail settings are out of date. you are directed to update all outlook mail boxes. To Complete this procedure, kindly click HELPDESK to update your account to the latest Outlook Web Apps 2014, login to the Exchange outlook log in and automatically update your mailbox by filling out the requirements correctly.
___________________
Sincerely,
ITS Service Desk
©2014 Microsoft outlook. All rights reserved.


From: Franklin, Natalie R < natalie.r.franklin @vanderbilt.edu >
Date: Mon, Nov 17, 2014 at 10:46 AM
Subject: Faculty and Staff Email‏ Notification
To: "Franklin, Natalie R" < natalie.r.franklin @vanderbilt.edu >

Dear user, We currently upgraded to 30GB inbox space. Please log-in to your account to validate E-space.
Your emails won't be delivered by our server, unless email account is confirmed.
Click on Outlook Web Access to confirm details of your user account.
Note that password should not be change once email account has been confirmed.
Protecting your email account is our primary concern
Copyright ©2014 ITS Help Desk​.

Phishing Alert
Nov 16, 2014 - 7:28 pm

​From: IRS.gov < conlan_orino @brown.edu >
Date: Sun, Nov 16, 2014 at 6:27 PM
Subject: E-file
To:

Your Revenue Record Shows You Are Still Yet To Validate.

Update your IRS E-file immediately, click here to - < Update >
For your protection, this link would expire in six hours

Phishing Alert
Nov 16, 2014 - 7:22 pm

From: WEBMASTER < luke_irwin @brown.edu >
Date: Sun, Nov 16, 2014 at 7:09 PM
Subject: Re-Validate Your School Mail Box‏‏
To:

Re-Validate- < Click Here>>

NOTE: That Failure to comply may result in the loss of your account within the next 24 hours.

Signed By Webmaster. 

Phishing Alert
Nov 16, 2014 - 7:19 pm

From: "IRS.gov" < woojeong_jang @brown.edu >
Date: Nov 16, 2014 5:53 PM
Subject: Identity protection‏‏
To:
Cc:

Update your IRS E-file immediately, click here to - < Update >
For your protection, this link would expire in six hours 

Phishing Alert
Nov 14, 2014 - 2:10 pm

The following suspicious email was reported. Follow-up with Citizens confirmed that it was not phishing, but rather, a notification that was sent in error and can be disregarded. They also assured us that no accounts had been compromised.


From: noreply @citizensbank.com
Subject: New Account Information
Date: November 14, 2014 at 7:30:50 AM EST
To: "xxxxxx @brown.edu"
Reply-To: xxxxxx @brown.edu

An account has been created for you with the following details. You will be required to change your password on next login.

UserID: 4427870000009673_CONSUMER
Password: [ redacted ]
For any issues, please contact [admin email or phone]

Use of email is inherently insecure. Confidential information, including account information, and personally identifiable information, should not be transmitted via email, or email attachment.The information in this email may contain confidential and/or privileged information and is intended only for the use of the individual/entity named above. Any disclosure, copying, distribution or use of this information is strictly prohibited. If you have received this communication in error, please notify the sender immediately and destroy any record of this email.

Citizens Bank, N.A. is an affiliate of Citizens Financial Group, Inc. 

Phishing Alert
Nov 14, 2014 - 9:31 am

From: Ritchie, Mark < m_ritchie3 @fanshawec.ca >
Date: Fri, Nov 14, 2014 at 9:02 AM
Subject: Faculty and Staff email notification
To: "Ritchie, Mark" < m_ritchie3 @fanshawec.ca >

Dear user,
We currently upgraded to 30GB inbox space. Please log-in to your account to validate E-space.
Your emails won't be delivered by our server, unless email account is confirmed.
Click on Outlook Web Access to confirm details of your user account.
Note that password should not be change once email account has been confirmed.
Protecting your email account is our primary concern
Copyright ©2014 ITS Help Desk​. 

Phishing Alert
Nov 12, 2014 - 3:15 pm

If you receive the following phishing email, you can report it to Apple at reportphishing@apple.com. More details on their Phishing & Other Suspicious Emails and Identifying Legitimate Emails from the iTunes Store page.


From: iTunes < store @apple.com >
Date: Wed, Nov 12, 2014 at 8:59 AM
Subject: Order Number: W5562803
To: xxxx_xxxxx @brown.edu

Order Number: W5562803
Ordered on November 11, 2014
Dear Apple Member,

Thank you for shopping Apple.com. Please review your order details below and retain this email for your records. You will receive a shipping confirmation email once your order has shipped.

For more information please check PDF invoice on our site https: //www.apple.com/support/itunes/account/billing


Phishing Alert
Nov 12, 2014 - 3:02 pm

---------- Forwarded message ----------
From: Email Account Team <admin @amlakshemshad.ir>
Date: Wed, Nov 12, 2014 at 2:39 AM
Subject: OUR FINAL ACCOUNT NOTICE!!!
To: help @brown.edu

Your mailbox is almost full.

Dear help @brown.edu
3840MB   4096MB
Current size   Maximum size
Please reduce your mailbox size. Delete any items you don't need from your mailbox and empty your Deleted Items folder. Click here to do reduce size automatically.
 
Thanks,
Mail System Administrator
 
This notification was sent to help @brown.edu; Don't want occasional updates about subscription preferences and friendly suggestions? Change what email Google+ sends you.
Google Inc., 1600 Amphitheatre Pkwy, Mounmicn View, CA 94043 USA
Phishing Alert
Nov 12, 2014 - 2:57 pm

This is being sent using a variety of invoices numbers.

 


From: < billing.address.updates @adp.com >
Date: Wed, Nov 12, 2014 at 11:38 AM
Subject: ADP Past Due Invoice#97818840
To:

 

Your ADP past due invoice is ready for your review at ADP Online Invoice Management .

If you have any questions regarding this invoice, please contact your ADP service team at the number provided on the invoice for assistance.

Please note that your bank account will be debited within one banking business day for the amount(s) shown on the invoice.

Review your ADP past due invoice here.

Important: Please do not respond to this message. It comes from an unattended mailbox.