Eastern Michigan University

March 2014 Phishing Report

March 2014 PhishMe Report

The ninth PhishMe.com simulation I.T. sent via email began on March 26, 2014 and ran for 5 full days with delivery to 951 staff emich.edu mailboxes. As can be seen by the chart to the right, at least 222 individuals were tricked into providing personal information for an offer that seemed too good to be true.

Statistics also revealed that:

  • 71 were repeat victims
  • 10 were third time victims
  • 27 flagged the email as spam
  • 117 min. of education delivered for this Phish
  • 359 min. of education delivered since 6/2013
  • 143 victims responded in the first hour
  • 206 victims responded in the first 8 hours
  • 211 victims responded on the first day

 

How it worked

When the EMU recipient opened the email (see Phishing Email below) they were enticed to click on the "Survey Link" provided. This link actually brought them to a strange landing page at "login.linkedover.com" (see Landing Page below) where they were asked for their username and password. If they clicked the "Login" button or pressed the return key on their keyboard, they were redirected to the education page to view a 1 minute video  (see Education Page below).

If after critically reviewing a message, you still cannot tell if a message is a phishing attack, ask peers or the department that supposedly sent the message. In addition to all other options, the I.T. team is always willing to help you sort out such issues. Contact the Help Desk at 734.487.2120.

 

Phishing Email 

9th Phish Email image

 

Landing Page

Landing Page image

 

 

 Education Page

March 2014 Education Page