Eastern Michigan University

Phishing Education Program from Phishme.com

Phishme.com logo

In July 2013, EMU staff members were enrolled in the inaugural year of the PhishMe Spear Phishing Education program. The program kicks off again, beginning in October,  for the 2014-2015 academic year.  Each staff member received the enrollment notification via EagleMail announcing the program. Up to two new simulations and training exercises are delivered each month.   

The program is expanded this year to provide licenses for faculty members and lecturers to opt-in to the program if they wish to participate.  Professors and lecturers interested in participating should contact Rocky Jenkins at rjenkins@emich.edu.

The table below shows the results of phishing simulations sent each month. Note the percentage of employees that both resisted and succumbed to the phish, highlighted in yellow. Also, be sure to click on the Email Simulation column to learn more about each simulation and how to avoid becoming a victim.

Date Sent
Opened Email /Clicked Link
Resisted the Phish Succumbed to the Phish / Entered Password
Marked as Spam
Previously Succumbed to a Phish (count)

Simulation

Report

7/30/13

324/66

96% 4% 148 2 July 2013 Report
8/22/13 323/63 96% 4% 148 10 Aug 2013 Report
9/16/13 603/279 81% 20% 143 17 Sep 2013 Report
10/14/13 338/58 96% 4% 153 17 Oct 2013 Report
11/25/13 291/10 99.8% 0.2% 122 2 Nov 2013 Report
12/11/13 449/134 91% 9% 96 14

Dec 2013 Report

1/29/14

332/58

94% 6% 5 13

Jan 2014 Report

2/18/14 16/9 99% 0.7% 145 8

Feb 2014 Report

3/26/14 474/266 77% 23% 27 71

March 2014 Report

4/21/14 463/86 98% 2% 110 7

April 2014 Report

5/28/14 597/216 85% 15% 116 76

May 2014 Report

10/14/14 558/349 75% 25% 77 130

October 2014 Report

12/15/14 610/186 90%  10%  150  63 Dec 2014 Report
2/3/15 585/368 80% 20% 44 154

Feb 2015 Report

3/18/15 365/101 95% 6% 89 61

March 2015 Report

4/27/15 612/256  89%  11%  139  138 April 2015 Report
 5/11/15  441/70  98%  2%  228  17 May 2015 Report

Phishing Education page image

The program is not designed to punish you, but rather to provide good advice on how to avoid becoming a victim in the future.  I.T. may confidentially contact individuals who succumb to more than one simulation to offer one-to-one assistance to help those individuals better spot future phishing attempts.

Each simulation, most of which were patterned after actual phishing emails received at EMU, entices you to click on a link or attachment which asks that you enter your NetID* and password.

If you fall victim to the phishing scam, you are redirected to an education page, which looks like the image shown here, where you are to view a one-minute video on phishing.

For more information about the Phishing Education Program or other phishing related topics, contact Rocky Jenkins at rjenkins@emich.edu.

*formerly my.emich username