Phish Bowl

From: Gauti Eggertsson <p.garcia.illinois.edu@gmail.com>
Date: Tue, Jun 22, 2021, 11:41 AM
Subject:

From: Gauti Eggertsson <p.garcia.illinois.edu@gmail.com>
Date: Tue, Jun 22, 2021, 11:41 AM
Subject:

From: Prof. Kenneth <profsanjayjoshi@gmail.com>
Date: Mon, Jun 21, 2021 at 3:36 PM
Subject: STUDENT RESEARCH OPPORTUNITY!
To:

From: kenneth main <kennethmainconsultant@gmail.com>
Date: Mon, Jun 21, 2021 at 2:50 PM
Subject: Fwd: Fun-jobs
To:

From: Prof Kenneth Sperber <sacksmith999@gmail.com> or Prof. Kenneth <bakerqueens880@gmail.com>

From: Prof. Kenneth <bakerqueens880@gmail.com>
Date: Fri, Jun 18, 2021 at 03:43
Subject: BROWN STUDENT EMPLOYMENT
To:

From: delilah brian <delilahbrian@gmail.com>
Date: Wed, Jun 16, 2021 at 7:42 PM
Subject: ADMINISTRATIVE ASSISTANT NEEDED!
To:

From: Mail Administrator <emailadm@brown.edu>
Date: Thu, Jun 17, 2021 at 12:28 AM

Many reported an unexpected (but legitimate) email from Gallagher Student Health on behalf of Brown. Gallagher is Brown's health insurance plan for students.

From: William Tsiaras <pamilar001@gmail.com>
Date: Fri, Jun 11, 2021 at 7:23 AM
Subject: Medical Student Position
To:

From: Prof Roger <sacksmith999@gmail.com>
Date: Tue, Jun 8, 2021 at 9:33 PM
Subject: BROWN UNIVERSITY STUDENT EMPLOYMENT
To:

From: James Warburton <jwarburton008@gmail.com>
Date: June 8, 2021 at 12:27:25 PM EDT

From: ON-CAMPUS JOBS <adegokeyinka76@gmail.com>
Date: Mon, Jun 7, 2021 at 9:21 AM
Subject: BROWN UNIVERSITY STUDENT HIRE
To:

From: Prof Janet <barry01d1@gmail.com> or Alexander Baker <bakerqueens880@gmail.com>

From: Prof. Kenneth <ahamdielekwa@gmail.com>
Date: Thu, Jun 3, 2021 at 12:18 PM or  Sun, May 30, 2021 at 5:33 PM

From: devora kluemper <kluemperd43@gmail.com>
Date: Thu, Jun 3, 2021 at 10:33 AM
Subject: ORDER 2021
To:

Dear Member,

Be on the lookout for fake copyright warnings that may arrive via a contact form web page -- they usually point to an apparent Google site that can trick you into installing ransomware.

From: STUDENT JOBS <doniscarter63@gmail.com> or Stone James <liza.sten0015@gmail.com>

Can you identify the clues in the following email that indicate it's a scam, as well as the emotional buttons that are being pushed?

From: Campus Jobs <solarubi61@gmail.com>
Date: Mon, May 31, 2021 at 3:51 AM
Subject: PANDEMIC SUPPORT HIRE
To:

The "malware sextortion" threat has been reported at Brown again (first seen in 2018), threatening to reveal unsavory secrets if the recipient doesn't promptly pay up (this time $2100 in bitcoins).

From: Anne Mason <AnneMason.k12.edu@terri010.hostpilot.com>
Date: Mon, May 31, 2021 at 10:12 AM
Subject: Ongoing internship program

From: Collins Gray <mizslimsneh@gmail.com>
Date: Mon, May 31, 2021 at 10:13 AM
Subject: AVAILABLE PART-TIME JOB

From: Daniel R. Ames <ramesdaniel235@gmail.com> or Randy Frank <randyfrank305@gmail.com>

From: [REDACTED - actual sender from header details: dan@hillsdalemfg.com]
Date: Mon, May 24, 2021 at 6:22 PM
Subject: Multidisciplinary Research

From: Lynn Sweeney <lynn_sweeney@brown.edu>  [actual sender from header details: davidh@affinitytv247.com]

From: Prof Kenneth <sacksmith999@gmail.com>
Date: Thu, May 20, 2021 at 10:20 AM
Subject: BROWN UNIVERSITY PANDEMIC EMPLOYMENT SUPPORT
To:

From: Dr Sarah Brewer <elizabethrichard991@gmail.com> OR <henryvicky528@gmail.com>OR <

From: Lynn Sweeney <lynn_sweeney@brown.edu> [actual sender is mike@sports-med.com]

Another employment scam, this one with a different subject (STUDENT EMPLOYMENT) and sender (Prof Kenneth), but a tell-tale non-Brown email address (sacksmith999@gmail.com).