Phished: Did You Click the Link?

Did you notice the random package delivery notice in your email during the last week of October? We hope you didn’t click on it! Over the last two years, IT@Sam security personnel have sent a fake phishing e-mail as a means to understand how well our security awareness programs are working. Good news: It’s working!

Phishing is a serious attempt cyber criminals use to get your personal information by pretending to be a trustworthy site. In the October IT@Sam Newsletter, our Vice President, Mark Adams, shared how many phishing attempts we catch on a daily basis. On a recent day, SHSU received 230,519 e-mails. Of these 174,192 were evaluated as potential valid e-mails and 56,327 were considered malicious and were rejected.PHISHING 2015

According to statistics from Information Security Officer, Tim McGuffin, we had a surprising total click-through rate at 36%.  We sent 22,332 emails to faculty, staff, and students and had just over 8,000 page views. We’ve included an infographic breaking down the numbers and comparing them to last year. The number of emails sent out this year compared to last year are different because alumni emails were not included.

“Phishing is still our number one source of compromise on campus,” McGuffin says. “But we’re down approximately 30% from where we were last year on actually compromised accounts.”

If you you’d like to know where our fake link sent people, you can look at it here.

Please remember, if you are ever suspicious of an email, don’t hesitate to forward it to us at servicedesk@shsu.edu.