Last month the Technology Department ran a simulated phishing (“phish”) test on our district staff using the email below. It probably looks very familiar: the minute it went out, our Help Desk and the Communications department received many calls alerting them to its suspicious nature.
We sent this message to establish a baseline of phishing risk for our district and to gauge the need for further phishing training. Based on the results, we did fairly well as a district, coming in below the typical industry score for an organization our size: our “Phish Prone” score was 22.8%, compared with the industry average of 27.7%.
Specifically, we measured whether a user opened the message (which is completely fine), clicked the link, and, if so, entered information. Those results were used to calculate our score. Based on our responses and score, we plan to provide more phishing education in the future, as well as occasional tests to measure our progress.
In this email, there were four items that recipients should have looked for:
- The sender and domain. Phishers can often “spoof” (fake) domains so that emails look authentic. Even if the domain looks correct, is the sender someone you are familiar with?
- The subject line is trying to convey a sense of urgency. Phishers often take advantage of urgent situations to get you to act before you think the situation through clearly.
- The email is directing you to click on or open a link. Urgent emails directing you to click or open something should be a warning that more inspection is warranted.
- When you hover over the link, the URL doesn’t match. Typically, hovering over a link shows its actual URL (web address) in the browser window. If that URL does not sensibly match the sender or the content of the email, treat it as a warning.
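As an added illustration (not part of the original notice), here are the four checks above turned into a small Python triage helper. The trusted district domain, the urgency word list and the sample message are assumptions constructed for this example.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

URGENT_WORDS = ("urgent", "immediately", "action required", "suspended", "expires")

class _LinkParser(HTMLParser):  # collects (href, visible text) for each <a> in the body
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def _same_org(host, domain):  # exact match or subdomain of the trusted domain
    return host == domain or host.endswith("." + domain)

def review_email(raw, trusted_domain):
    """Return the red flags found in a raw message, one per check above."""
    msg, flags = message_from_string(raw), []
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if not _same_org(sender_domain, trusted_domain):            # 1. sender and domain
        flags.append(f"sender domain {sender_domain!r} is not {trusted_domain!r}")
    urgent = any(w in msg.get("Subject", "").lower() for w in URGENT_WORDS)
    if urgent:                                                  # 2. urgency in subject
        flags.append("subject uses urgency language")
    parser = _LinkParser()
    parser.feed(msg.get_payload())
    if urgent and parser.links:                                 # 3. urgent + "click here"
        flags.append("urgent message directs you to click a link")
    for href, text in parser.links:                             # 4. hover URL mismatch
        host = (urlparse(href).hostname or "").lower()
        shown = urlparse(text).hostname if text.startswith("http") else None
        if shown and shown.lower() != host:
            flags.append(f"link text shows {shown!r} but points to {host!r}")
        elif not _same_org(host, trusted_domain):
            flags.append(f"link points to unrelated host {host!r}")
    return flags

SAMPLE = ("From: IT Help Desk <helpdesk@notices-mail.test>\n"  # constructed sample message
          "Subject: URGENT: your password expires today\n\n"
          '<p>Your account will be suspended unless you <a href="http://reset.notices-mail.test/login">https://portal.example-district.test/reset</a> now.</p>\n')
```

Running `review_email(SAMPLE, "example-district.test")` reports all four signals; a newsletter from the district domain with a matching link reports none.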
Phishing emails are not going away, and our automated filters will occasionally let some through. If you encounter an email that seems suspicious but you are not sure, contact the Help Desk at Ext. 6172 for guidance.
For more information on phishing and social engineering, this video from Google for Education is a great place to start: Stay Safe from Phishing and Scams