Description
Phishing is when internet attackers impersonate someone or something you know to get you to disclose sensitive information, such as your password or credit card details. Anything from your bank routing information to learning if you have an account with a particular service is all valuable information to an attacker.
Simulated phishing is a cybersecurity training technique where fake phishing emails are sent to students and staff to mimic real phishing attacks. The goal is to educate recipients on how to recognize and respond to such threats without the risk of actual harm. These exercises help individuals understand the tactics used by cybercriminals and improve their ability to identify suspicious emails.
This article provides information about why OHIO University runs simulated phishing exercises.
Why Does Ohio University Conduct Simulated Phishing Exercises?
Enhance Cybersecurity Awareness Among Students and Staff
- Simulated phishing exercises help students and staff recognize and respond to phishing attempts. These exercises provide practical experience, making theoretical cybersecurity training more effective. Phishing attacks are a leading cause of data breaches. By regularly conducting simulated phishing exercises, universities can significantly reduce the risk of students and staff falling victim to real phishing attacks, thereby protecting sensitive information and maintaining the integrity of their systems.
Measure Training Effectiveness
- These simulations serve as a tool to evaluate the effectiveness of existing cybersecurity training programs. By identifying gaps in knowledge and areas where students and staff are most vulnerable, universities can tailor their training to address specific weaknesses.
Foster a Security-Conscious Culture
- Regular phishing simulations help foster a culture of security within the university. When students and staff are aware of potential threats and know how to handle them, they become an active part of the university's defense strategy.
Requesting Simulated Phishing
Department heads and instructors can request to have a simulated phishing exercise for their class or department. Please reach out to the Office of Information Security at security@ohio.edu to begin the process. An Analyst will help to tailor the phishing exercise based on real phishing emails our community has received as well as the needs of your group. Following the exercise, the requester will receive results and statistics from the exercise.
Additional Resources