Don’t get hooked on our Phishing Awareness Program!

In the past year, several high-profile cases of phishing and spear-phishing have endangered university data. If such an email lands in one of our inboxes, we're just a click away from compromising our organization's security. You and your co-workers are an integral part of our information security posture. To help prevent this attack method from being successful, we will continue our immersive spear-phishing awareness program.

In this program you will periodically receive simulated spear-phishing emails that imitate real attacks.

Spear-phishing emails are malicious messages that look like they are from someone inside your organization—but aren’t. Our awareness program’s simulated emails are designed to give you a realistic experience in a safe and controlled environment. This method helps you to become familiar and more resilient to tactics used in real spear-phishing attacks.

While there is no penalty to falling for one of the simulations, we do ask that you take 30 – 60 seconds to read and understand the brief education material that is presented afterward. As the program progresses you should be able to better spot spear-phishing attacks, both at home and in the workplace.

If you receive a simulated or real phishing email:

Although your first instinct might be to delete or ignore suspicious emails, we ask that you report them to our Incident Response team using PhishMe Reporter, which is installed on all campus-owned computers. Simply click the “Report Phishing” button located at the upper-right of your Outlook inbox (Windows), or in the Dock (Mac OS X). Your submission will be immediately confirmed by email.

Arm yourself with our phishing awareness training program.

As part of our training program, we are offering online training modules that explain what to look out for and how to avoid putting our organization at risk. As you complete the courses, you’ll be able to thwart phishing attacks, both in the workplace and at home. Simply go to phishing.iu.edu and log in; this will direct you to the eTraining page, where you’ll find an enrollment link for the courses.

If you have questions or would like assistance, feel free to contact the UITS Support Center by email at kohelp@iu.edu or call 765-455-9315.

97%of users cannot identify sophisticated phishing emails

#1E-mail is the top way malware is delivered

$1.6Mis the average amount lost in a successful spear phishing attempt