We recently ran a simulated phishing security test to determine what Beloit’s vulnerability would be if a real phishing attack were to happen to our users. The good news is that 80% of you either did not open or engage with this email. The not-so-good news is that 20% of employees fell for this simulated attack.
Phishing is the process of trying to gain access to sensitive information such as usernames, passwords, and other personal identifiers by pretending to be a credible entity. Our initial test email could be characterized as a fairly unsophisticated phishing attempt. If we had spoofed a known Beloit College email account as the sender, we expect that the failure percentage might have been higher.
Cybercrime is increasing rapidly. Hackers are getting smarter about tricking people into clicking on fraudulent links or opening up malicious attachments in emails. Because of this, LITS strongly encourages all faculty and staff to learn more about security awareness and the ways each of us can help protect ourselves and the college from cybercrime.
Friday morning, you will receive an email invitation from our security partner, KnowBe4, to complete a 15-minute online security training program. We hope that you will find some time to complete this important cyber security training by the end of May. During this month, you will receive some reminders from KnowBe4 about participating in the training.
Starting in June and continuing through the next academic year, LITS will continue to work with our partner to conduct additional simulated phishing tests. The purpose is to help everyone improve their ability to spot phishing attempts more easily. Additional training materials will be shared with anyone that fails a future simulated attack. These materials will provide relevant information that will help you avoid similar phishing attacks in the future.
Thanks for your cooperation as we work together to improve our cyber security.