Internal Phishing Program
We run internal phishing campaign assessments to raise awareness about phishing attacks, their consequences, and how to avoid becoming a victim. Here's how it works:
- The CES Security Operations Center will work with school IT leadership and other staff across campus to send employees a test phishing email that simulates the kinds of emails used by real criminals.
- Employees who receive suspicious emails should report them whether or not they think it is part of the test.
- Employees who fall for one of the test phishing emails will instantly see a message that outlines ways to identify malicious emails. Unit Leadership or CES Security may request they take phishing training as part of the follow-up recommendation.
Note: Internal phishing campaigns are only learning exercises; employees will not be punished for falling for one of the simulated phishing tests. All employees are to treat suspicious emails as potentially dangerous. Although the test emails are not malicious, REAL phishing attacks threaten our university and college communities. We can help each other by reporting suspicious email messages. Check our phishing page or the Phish Bowl for more information.
Contact the CES Security Operations Center to learn more about running a phishing assessment for your group.
data-content-type=""
overrideBackgroundColorOrImage=
overrideTextColor=
overrideTextAlignment=
overrideCardHideSection=
overrideCardHideByline=
overrideCardHideDescription=
overridebuttonBgColor=
overrideButtonText=
overrideTextAlignment=