Educause Security Discussion mailing list archives

Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice

From: Alexander Johnson <000000a201751165-dmarc-request () LISTSERV EDUCAUSE EDU>
Date: Mon, 17 Dec 2018 16:13:04 +0000

Ashley,

Our institution uses Knowbe4 for this purpose. We have seen great results. We require our full-time staff/faculty to 
complete yearly training that covers basic threats that our users may encounter. This coupled with monthly phishing 
simulations has greatly increased awareness. In fact, users are now overly cautious when it comes to email but this is 
handy when something inevitably get past our spam filter.

I'm happy to answer any specific questions you have via email or phone.

Alexander Johnson
Network Administrator
Information Technology
o: 918.335.6295  m:918.332.6587

OKLAHOMA WESLEYAN UNIVERSITY
[visit our 
website]<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.okwu.edu%252F%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3du%252FwuLCi7nXTTm23ZCJO4YUsv3Rd67rU5DtFd1g%252BPmCQ%253D%26reserved%3d0&c=E,1,7zX8hnkU4k3O9q9fFaxjt4gZjo9olZYy3D2ATJtT1VrO3pzLemageCtZMhUAqSpXgMLngR3dBJz199bzlolPj-mmbSlG-6CmRIeanoTWVjQ,&typo=1>
 [follow our athletics program] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.okwueagles.com%252F%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dqqfnntGI8HTE8MWCSQ%252BkiTQuM3kkg31wqqCF1onSXUU%253D%26reserved%3d0&c=E,1,X_25xVM06z2xeIwnjacGdtKe9I9jn8-sMynbc0AcT_L0EJoGJsuE5cs3h5c-497IN7UvL9iAJ6m2Zsecy_PcnI_52TwmLv9Su_cCr9Y1fQ,,&typo=1>
  [follow us on facebook] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.facebook.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3d0BXM6ydAOlpq%252F%252FrX%252FZjHwhRCvwgH8625d10rvutr3s4%253D%26reserved%3d0&c=E,1,j03KOOLeawEqRgNOFcd0M6jOllWA_iaUTXcvBsBVWAqUEc_2FSkCtA7pn2W4XLDnsij8rddmp5NI_Dud87K3HkxmC1lRhEpHdG8jOsA--Oi_5cnilg,,&typo=1>
  [follow us on twitter] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.twitter.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dHyaGXY6Lpssh98aCrE%252FPnW0rNF3ewpP0bhFkrPW3Rrs%253D%26reserved%3d0&c=E,1,0vO2_GHutdNUsI_cWf3uNSImZTDn0U5TuyZQt1HwXHLMn0N7DZMLTqpOmsbou_ntVKD4tHRTq3YLmvrHxfbSj7C3nIUMkYiTU4p4uqMArMqi&typo=1>
  [follow us on instagram] 
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.instagram.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dMpab7i67Ktsfawj%252FjmFqqq0cZzpuy4FBConYyZkeEjg%253D%26reserved%3d0&c=E,1,tj5h1aQn6TiMquUFbTip0u6lH0csi6YNAUyGmmZ2Mtvt-avD8X7R4UKzgdEa0QljkUgkTx_ZxEQVfUgS9NTThy8Hv0Zu3uXjiyg1nxuHK4Bfw-fl1-o,&typo=1>

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Valentijn, Ashley
Sent: Monday, December 17, 2018 9:58 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice


Good morning,



We want to launch an internal phishing simulation in order to better train our employees on recognizing phishing 
emails. Target participants are university faculty and staff.



Any advice, suggestions, and/or recommendations on how to successfully implement such a simulation would be much 
appreciated. We are looking at possibly using GoPhish or Microsoft's new Phishing Attack Simulator.



Thank you in advance! Feel free to send me a direct email or I am also open to the possibility of a quick phone call.



Warm Regards,
Ashley Valentijn
Security Engineer
Information Security Office
University of Miami
P: 305-284-4582 | E: axv749 () miami edu<mailto:axv749 () miami edu>

Current thread:

Internal Phishing Simulation Advice Valentijn, Ashley (Dec 17)
- Re: Internal Phishing Simulation Advice Scantlin, Aaron J. (Dec 17)
- Re: Internal Phishing Simulation Advice Manjak, Martin (Dec 17)
- Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Alexander Johnson (Dec 17)
  - Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Frank Barton (Dec 17)
  - Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Allan Chen (Dec 17)
    - Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Alexander Johnson (Dec 17)
    - Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Michael Duff (Dec 17)
    - Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Kevin Wilcox (Dec 17)
    - Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Alexander Johnson (Dec 17)
    - Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Kevin Wilcox (Dec 17)
    - Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Shahra Meshkaty (Dec 17)
- Re: Internal Phishing Simulation Advice WALTER KERNER (Dec 17)
- Re: Internal Phishing Simulation Advice Allen Mundt (Dec 17)

(Thread continues...)