Multiple reports of a suspicious email from “Brown Announcement” with the subject line of “Data Outdated” are coming in to the Help Desk. Like many similar emails, this is phishing pure and simple. If you received a copy, report it as phishing then delete it.
The Help Desk has received multiple reports of a phishing email asking for your username and password to keep your account active due to a supposed server upgrade. BOGUS!! This is phishing, pure and simple. This message is not from the Help Desk nor anyone else at Brown. No legitimate email would ever include a request for such information.
The Help Desk has been alerted that students were being targeted with phony requests for a tutor (example follows). Though the email may sound legitimate and asks only that you respond to it (no links or requests for personal information), it is only the first step in establishing a relationship that would eventually lead to the “advance payment scam”, in which the victim deposits a phony check into his or her bank account and becomes liable to the bank for the balance. Here’s one explanation of how the scam works.
The Help Desk has received multiple reports of a phishing email that warns recipients that “We have temporarily limited all access to sensitive account” and requests users to click on the provided link to reactivate their account. It includes all the tell-tale signs of a phish: it attempts to create a false sense of urgency, requests you click on a suspicious link to address the problem, is from a non-Brown account and not sent directly to your email account, and contains grammar and formatting errors. DO NOT CLICK on the link.
Instead, before deleting it, open the original copy of the email you received and then click on the down arrow, to the right of the REPLY button, and select “Report phishing.” This will send that message immediately to the GMail Team for analysis and filtering. Read more about how to spot a phish.
Another phishing email has been spotted by many in the Brown community today. This one is a hybrid of the common “update your webmail account today”, supposedly sent from the Help Desk and advising recipients to update their “anti-spam/anti-virus/anti-spyware.” It also contains a link to a shared Google doc like other recent phishing emails. As with others, DO NOT CLICK on the link.
ISG has received several reports of an email request from an @brown.edu address, requesting that you accept their request to follow you. ISG advises that you not respond to it or click on any links. They also recommend that before deleting the email you report it as phishing (click on the down arrow to the right of the REPLY button and select “Report phishing”). You can read more about it here.
There have been several sightings of the phishing email for Direct Deposit via ACH payments being disallowed. Like others (see Your Pending ACH Transaction/ and Your Payroll Processing), these emails are meant to install fear and a sense of urgency to prompt the recipient to click on the provided link.
ISG has learned of a scam that has been circulating on college campuses regarding a supposed Masters Certification Program being held at Harvard in late November. The email is from “American Project Management” and is a solicitation to register for a seminar that does not exists.
As usual, ISG advises that you not respond to it or click on any links. They also recommend that before deleting the email you report it as phishing (click on the down arrow to the right of the REPLY button and select “Report phishing”). You can read more about this scam on the Project Weavers (formerly American Project Management) original site (http://americanprojectmanagement.com/)