Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice

[Alexander Johnson <000000a201751165-dmarc-request () LISTSERV EDUCAUSE EDU>]

The simulation sends one email a month. The email itself varies, sometimes is an obviously fake email from “Microsoft” 
other times it’s a tricky email from “Amazon”. The simulation is frustrating for some—because if they fail they are 
automatically enrolled in additional training—the simulation itself is not cumbersome (you simply have to right-click 
to report the email as phishing. We get some heat from those that click on everything, but the heat is worth it.  We’ve 
had the support of the Provost & Deans so no one has really complained all that much.

Alexander Johnson
Network Administrator
Information Technology
o: 918.335.6295  m:918.332.6587

OKLAHOMA WESLEYAN UNIVERSITY
[visit our 
website]<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.okwu.edu%252F%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3du%252FwuLCi7nXTTm23ZCJO4YUsv3Rd67rU5DtFd1g%252BPmCQ%253D%26reserved%3d0&c=E,1,7zX8hnkU4k3O9q9fFaxjt4gZjo9olZYy3D2ATJtT1VrO3pzLemageCtZMhUAqSpXgMLngR3dBJz199bzlolPj-mmbSlG-6CmRIeanoTWVjQ,&typo=1>
 [follow our athletics program] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.okwueagles.com%252F%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dqqfnntGI8HTE8MWCSQ%252BkiTQuM3kkg31wqqCF1onSXUU%253D%26reserved%3d0&c=E,1,X_25xVM06z2xeIwnjacGdtKe9I9jn8-sMynbc0AcT_L0EJoGJsuE5cs3h5c-497IN7UvL9iAJ6m2Zsecy_PcnI_52TwmLv9Su_cCr9Y1fQ,,&typo=1>
  [follow us on facebook] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.facebook.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3d0BXM6ydAOlpq%252F%252FrX%252FZjHwhRCvwgH8625d10rvutr3s4%253D%26reserved%3d0&c=E,1,j03KOOLeawEqRgNOFcd0M6jOllWA_iaUTXcvBsBVWAqUEc_2FSkCtA7pn2W4XLDnsij8rddmp5NI_Dud87K3HkxmC1lRhEpHdG8jOsA--Oi_5cnilg,,&typo=1>
  [follow us on twitter] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.twitter.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dHyaGXY6Lpssh98aCrE%252FPnW0rNF3ewpP0bhFkrPW3Rrs%253D%26reserved%3d0&c=E,1,0vO2_GHutdNUsI_cWf3uNSImZTDn0U5TuyZQt1HwXHLMn0N7DZMLTqpOmsbou_ntVKD4tHRTq3YLmvrHxfbSj7C3nIUMkYiTU4p4uqMArMqi&typo=1>
  [follow us on instagram] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.instagram.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dMpab7i67Ktsfawj%252FjmFqqq0cZzpuy4FBConYyZkeEjg%253D%26reserved%3d0&c=E,1,tj5h1aQn6TiMquUFbTip0u6lH0csi6YNAUyGmmZ2Mtvt-avD8X7R4UKzgdEa0QljkUgkTx_ZxEQVfUgS9NTThy8Hv0Zu3uXjiyg1nxuHK4Bfw-fl1-o,&typo=1>

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Allan Chen
Sent: Monday, December 17, 2018 10:28 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice

Alexander,
You run monthly phishing simulations? Do you set them up so that it's obvious that it's a simulation? Do you run them 
monthly across the entire institution? That seems pretty frequent, and I worry that if we tried that here that the 
community would feel we are trying to "trick" them on a regular basis. Faculty, in particular.

I know monthly is considered the standard in industry. Higher ed is weird, we all know.
allan

Chief Information Officer
Muhlenberg 
College<https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fwww.muhlenberg.edu&c=E,1,H9mi709H4DhCabzFWtbVTt3oMqU2YbS-VdAhern7Mau2-8l6uWdF-ZietIR14uPURpruuG7ZWXKYS-fXf3aJ-ntirpyWi1XWQwQBDRYjxzo,&typo=1>
484-664-3464

Office of Information Technology 
Blog<https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fit.blogs.muhlenberg.edu&c=E,1,TckJpzMl1QrlRIdDlnz4_CiF4qBiIHwmvzCHJ7zEDNknyEVTtzzSlFFkQdWduKakOngLa6_4yxX8gaw3RC0k9DLwdPIPCAWFZAfS0hsqWEI,&typo=1>
twitter: @kaiyen<https://twitter.com/kaiyen>



On Mon, Dec 17, 2018 at 11:23 AM Alexander Johnson <000000a201751165-dmarc-request () listserv educause 
edu<mailto:000000a201751165-dmarc-request () listserv educause edu>> wrote:
Ashley,

Our institution uses Knowbe4 for this purpose. We have seen great results. We require our full-time staff/faculty to 
complete yearly training that covers basic threats that our users may encounter. This coupled with monthly phishing 
simulations has greatly increased awareness. In fact, users are now overly cautious when it comes to email but this is 
handy when something inevitably get past our spam filter.

I’m happy to answer any specific questions you have via email or phone.

Alexander Johnson
Network Administrator
Information Technology
o: 918.335.6295  m:918.332.6587

OKLAHOMA WESLEYAN UNIVERSITY
[visit our 
website]<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.okwu.edu%252F%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3du%252FwuLCi7nXTTm23ZCJO4YUsv3Rd67rU5DtFd1g%252BPmCQ%253D%26reserved%3d0&c=E,1,7zX8hnkU4k3O9q9fFaxjt4gZjo9olZYy3D2ATJtT1VrO3pzLemageCtZMhUAqSpXgMLngR3dBJz199bzlolPj-mmbSlG-6CmRIeanoTWVjQ,&typo=1>
 [follow our athletics program] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.okwueagles.com%252F%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dqqfnntGI8HTE8MWCSQ%252BkiTQuM3kkg31wqqCF1onSXUU%253D%26reserved%3d0&c=E,1,X_25xVM06z2xeIwnjacGdtKe9I9jn8-sMynbc0AcT_L0EJoGJsuE5cs3h5c-497IN7UvL9iAJ6m2Zsecy_PcnI_52TwmLv9Su_cCr9Y1fQ,,&typo=1>
  [follow us on facebook] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.facebook.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3d0BXM6ydAOlpq%252F%252FrX%252FZjHwhRCvwgH8625d10rvutr3s4%253D%26reserved%3d0&c=E,1,j03KOOLeawEqRgNOFcd0M6jOllWA_iaUTXcvBsBVWAqUEc_2FSkCtA7pn2W4XLDnsij8rddmp5NI_Dud87K3HkxmC1lRhEpHdG8jOsA--Oi_5cnilg,,&typo=1>
  [follow us on twitter] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.twitter.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dHyaGXY6Lpssh98aCrE%252FPnW0rNF3ewpP0bhFkrPW3Rrs%253D%26reserved%3d0&c=E,1,0vO2_GHutdNUsI_cWf3uNSImZTDn0U5TuyZQt1HwXHLMn0N7DZMLTqpOmsbou_ntVKD4tHRTq3YLmvrHxfbSj7C3nIUMkYiTU4p4uqMArMqi&typo=1>
  [follow us on instagram] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.instagram.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dMpab7i67Ktsfawj%252FjmFqqq0cZzpuy4FBConYyZkeEjg%253D%26reserved%3d0&c=E,1,tj5h1aQn6TiMquUFbTip0u6lH0csi6YNAUyGmmZ2Mtvt-avD8X7R4UKzgdEa0QljkUgkTx_ZxEQVfUgS9NTThy8Hv0Zu3uXjiyg1nxuHK4Bfw-fl1-o,&typo=1>

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Valentijn, Ashley
Sent: Monday, December 17, 2018 9:58 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice


Good morning,



We want to launch an internal phishing simulation in order to better train our employees on recognizing phishing 
emails. Target participants are university faculty and staff.



Any advice, suggestions, and/or recommendations on how to successfully implement such a simulation would be much 
appreciated. We are looking at possibly using GoPhish or Microsoft's new Phishing Attack Simulator.



Thank you in advance! Feel free to send me a direct email or I am also open to the possibility of a quick phone call.



Warm Regards,
Ashley Valentijn
Security Engineer
Information Security Office
University of Miami
P: 305-284-4582 | E: axv749 () miami edu<mailto:axv749 () miami edu>