Educause Security Discussion mailing list archives
Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice
From: Frank Barton <bartonf () HUSSON EDU>
Date: Mon, 17 Dec 2018 11:35:13 -0500
I am going to echo Alexander's statements. We also use KnowBe4, and require Faculty and Staff to take an annual training. We also have monthly phishing exercises, and refresher courses for those that fall for phishing messages. I'm sure you have all seen examples of the "Are you available?" scam going around where the victim then gets asked to purchase gift-cards. Based on our internal training, and the KnowBe4 training and messaging, I can say that the last two batches that went around had zero respondents. Frank On Mon, Dec 17, 2018 at 11:23 AM Alexander Johnson < 000000a201751165-dmarc-request () listserv educause edu> wrote:
Ashley, Our institution uses Knowbe4 for this purpose. We have seen great results. We require our full-time staff/faculty to complete yearly training that covers basic threats that our users may encounter. This coupled with monthly phishing simulations has greatly increased awareness. In fact, users are now overly cautious when it comes to email but this is handy when something inevitably get past our spam filter. I’m happy to answer any specific questions you have via email or phone. Alexander Johnson Network Administrator Information Technology o: 918.335.6295 m:918.332.6587 OKLAHOMA WESLEYAN UNIVERSITY [image: visit our website] <https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.okwu.edu%252F%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3du%252FwuLCi7nXTTm23ZCJO4YUsv3Rd67rU5DtFd1g%252BPmCQ%253D%26reserved%3d0&c=E,1,7zX8hnkU4k3O9q9fFaxjt4gZjo9olZYy3D2ATJtT1VrO3pzLemageCtZMhUAqSpXgMLngR3dBJz199bzlolPj-mmbSlG-6CmRIeanoTWVjQ,&typo=1> [image: follow our athletics program] <https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.okwueagles.com%252F%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dqqfnntGI8HTE8MWCSQ%252BkiTQuM3kkg31wqqCF1onSXUU%253D%26reserved%3d0&c=E,1,X_25xVM06z2xeIwnjacGdtKe9I9jn8-sMynbc0AcT_L0EJoGJsuE5cs3h5c-497IN7UvL9iAJ6m2Zsecy_PcnI_52TwmLv9Su_cCr9Y1fQ,,&typo=1> [image: follow us on facebook] <https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.facebook.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3d0BXM6ydAOlpq%252F%252FrX%252FZjHwhRCvwgH8625d10rvutr3s4%253D%26reserved%3d0&c=E,1,j03KOOLeawEqRgNOFcd0M6jOllWA_iaUTXcvBsBVWAqUEc_2FSkCtA7pn2W4XLDnsij8rddmp5NI_Dud87K3HkxmC1lRhEpHdG8jOsA--Oi_5cnilg,,&typo=1> [image: follow us on twitter] <https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.twitter.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dHyaGXY6Lpssh98aCrE%252FPnW0rNF3ewpP0bhFkrPW3Rrs%253D%26reserved%3d0&c=E,1,0vO2_GHutdNUsI_cWf3uNSImZTDn0U5TuyZQt1HwXHLMn0N7DZMLTqpOmsbou_ntVKD4tHRTq3YLmvrHxfbSj7C3nIUMkYiTU4p4uqMArMqi&typo=1> [image: follow us on instagram] <https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fna01.safelinks.protection.outlook.com%2f%3furl%3dhttp%253A%252F%252Fwww.instagram.com%252Fokwuniv%26data%3d01%257C01%257CBrett.Nelson%2540arris.com%257C9b9489fd9ee64cb4d07a08d5e37d7607%257Cf27929ade5544d55837ac561519c3091%257C1%26sdata%3dMpab7i67Ktsfawj%252FjmFqqq0cZzpuy4FBConYyZkeEjg%253D%26reserved%3d0&c=E,1,tj5h1aQn6TiMquUFbTip0u6lH0csi6YNAUyGmmZ2Mtvt-avD8X7R4UKzgdEa0QljkUgkTx_ZxEQVfUgS9NTThy8Hv0Zu3uXjiyg1nxuHK4Bfw-fl1-o,&typo=1> *From:* The EDUCAUSE Security Community Group Listserv < SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *Valentijn, Ashley *Sent:* Monday, December 17, 2018 9:58 AM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Good morning, We want to launch an internal phishing simulation in order to better train our employees on recognizing phishing emails. Target participants are university faculty and staff. Any advice, suggestions, and/or recommendations on how to successfully implement such a simulation would be much appreciated. We are looking at possibly using GoPhish or Microsoft's new Phishing Attack Simulator. Thank you in advance! Feel free to send me a direct email or I am also open to the possibility of a quick phone call. Warm Regards, *Ashley Valentijn* Security Engineer *Information Security Office* University of Miami *P: 305-284-4582 | E: **axv749 () miami edu <axv749 () miami edu>*
-- Frank Barton, MBA Security+, ACMT, MCP IT Systems Administrator Husson University
Current thread:
- Internal Phishing Simulation Advice Valentijn, Ashley (Dec 17)
- Re: Internal Phishing Simulation Advice Scantlin, Aaron J. (Dec 17)
- Re: Internal Phishing Simulation Advice Manjak, Martin (Dec 17)
- Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Alexander Johnson (Dec 17)
- Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Frank Barton (Dec 17)
- Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Allan Chen (Dec 17)
- Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Alexander Johnson (Dec 17)
- Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Michael Duff (Dec 17)
- Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Kevin Wilcox (Dec 17)
- Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Alexander Johnson (Dec 17)
- Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Kevin Wilcox (Dec 17)
- Re: [EXTERNAL] [SECURITY] Internal Phishing Simulation Advice Shahra Meshkaty (Dec 17)