Phish Bowl

From: delilah brian <delilahbrian@gmail.com>
Date: Wed, Jun 16, 2021 at 7:42 PM
Subject: ADMINISTRATIVE ASSISTANT NEEDED!
To:

From: Mail Administrator <emailadm@brown.edu>
Date: Thu, Jun 17, 2021 at 12:28 AM

Many reported an unexpected (but legitimate) email from Gallagher Student Health on behalf of Brown. Gallagher is Brown's health insurance plan for students.

From: William Tsiaras <pamilar001@gmail.com>
Date: Fri, Jun 11, 2021 at 7:23 AM
Subject: Medical Student Position
To:

From: Prof Roger <sacksmith999@gmail.com>
Date: Tue, Jun 8, 2021 at 9:33 PM
Subject: BROWN UNIVERSITY STUDENT EMPLOYMENT
To:

From: James Warburton <jwarburton008@gmail.com>
Date: June 8, 2021 at 12:27:25 PM EDT

From: ON-CAMPUS JOBS <adegokeyinka76@gmail.com>
Date: Mon, Jun 7, 2021 at 9:21 AM
Subject: BROWN UNIVERSITY STUDENT HIRE
To:

From: Prof Janet <barry01d1@gmail.com> or Alexander Baker <bakerqueens880@gmail.com>

From: Prof. Kenneth <ahamdielekwa@gmail.com>
Date: Thu, Jun 3, 2021 at 12:18 PM or  Sun, May 30, 2021 at 5:33 PM

From: devora kluemper <kluemperd43@gmail.com>
Date: Thu, Jun 3, 2021 at 10:33 AM
Subject: ORDER 2021
To:

Dear Member,

Be on the lookout for fake copyright warnings that may arrive via a contact form web page -- they usually point to an apparent Google site that can trick you into installing ransomware.

From: STUDENT JOBS <doniscarter63@gmail.com> or Stone James <liza.sten0015@gmail.com>

Can you identify the clues in the following email that indicate it's a scam, as well as the emotional buttons that are being pushed?

From: Campus Jobs <solarubi61@gmail.com>
Date: Mon, May 31, 2021 at 3:51 AM
Subject: PANDEMIC SUPPORT HIRE
To:

The "malware sextortion" threat has been reported at Brown again (first seen in 2018), threatening to reveal unsavory secrets if the recipient doesn't promptly pay up (this time $2100 in bitcoins).

From: Anne Mason <AnneMason.k12.edu@terri010.hostpilot.com>
Date: Mon, May 31, 2021 at 10:12 AM
Subject: Ongoing internship program

From: Collins Gray <mizslimsneh@gmail.com>
Date: Mon, May 31, 2021 at 10:13 AM
Subject: AVAILABLE PART-TIME JOB

From: Daniel R. Ames <ramesdaniel235@gmail.com> or Randy Frank <randyfrank305@gmail.com>

From: [REDACTED - actual sender from header details: dan@hillsdalemfg.com]
Date: Mon, May 24, 2021 at 6:22 PM
Subject: Multidisciplinary Research

From: Lynn Sweeney <lynn_sweeney@brown.edu>  [actual sender from header details: davidh@affinitytv247.com]

From: Prof Kenneth <sacksmith999@gmail.com>
Date: Thu, May 20, 2021 at 10:20 AM
Subject: BROWN UNIVERSITY PANDEMIC EMPLOYMENT SUPPORT
To:

From: Dr Sarah Brewer <elizabethrichard991@gmail.com> OR <henryvicky528@gmail.com>OR <

From: Lynn Sweeney <lynn_sweeney@brown.edu> [actual sender is mike@sports-med.com]

Another employment scam, this one with a different subject (STUDENT EMPLOYMENT) and sender (Prof Kenneth), but a tell-tale non-Brown email address (sacksmith999@gmail.com).

Watch out for this clever job scam that looks like it was sent by the Payroll Office (clue #1 - why would the Payroll Office send job notices?), but examination of the headers details shows the identity of the actual

From: Danny Warshay <9009547q@criptext.com>
Date: Thu, May 13, 2021 at 2:26 PM
Subject: Task Request

From: ON-CAMPUS JOBS <eljalladmatt@gmail.com> or <crystalkate000@gmail.com> or Job Opportunity <

From: Russell Carey <universityevents@messages.brown.edu>
Date: May 13, 2021 at 7:19 AM

From: Shelly Fisher <ShellyF@providencewomenleaders.org>
Date: Wed, May 12, 2021 at 9:21 AM

ZoomInfo is not related to the webconferencing tool, Zoom, and is instead a "sales intelligence" business that collects, processes and sells personal data it harvests online to third parties who use it to cultivate ne