Eastern Michigan University

Phishing Education Program from Phishme.com

Phishme.com logo

In July 2013, EMU staff members were enrolled in the inaugural year of the PhishMe Spear Phishing Education program. The program kicks off again, beginning in October,  for the 2014-2015 academic year.  Each staff member received the enrollment notification via EagleMail announcing the program. Up to two new simulations and training exercises are delivered each month.   

The program is expanded this year to provide licenses for faculty members and lecturers to opt-in to the program if they wish to participate.  Professors and lecturers interested in participating should contact Rocky Jenkins at rjenkins@emich.edu.

The table below shows the results of phishing simulations sent each month. Note the percentage of employees that both resisted and succumbed to the phish, highlighted in yellow. Also, be sure to click on the Email Simulation column to learn more about each simulation and how to avoid becoming a victim.

Date Sent
Opened Email /Clicked Link
Resisted the Phish Succumbed to the Phish / Entered Password
Marked as Spam
Previously Succumbed to a Phish (count)

Simulation

Report

7/30/13

324/66

95.6% 4.4% 148 2 July Report
8/22/13 323/63 96.4% 3.6% 148 10 Aug Report
9/16/13 603/279 80.5% 19.5% 143 17 Sept Report
10/14/13 338/58 96.3% 3.7% 153 17 Oct Report
11/25/13 291/10 99.8% 0.2% 122 2 Nov Report
12/11/13 449/134 90.6% 9.4% 96 14

Dec Report

1/29/14

332/58

93.9% 6.1% 5 13

Jan Report

2/18/14 16/9 99.3% 0.7% 145 8

Feb Report

3/26/14 474/44 76.6% 23.4% 27 71

March Report

4/21/14 377/67 98.0% 2.0% 110 7

April Report

5/28/14 597/216 84.6% 15.4% 116 24

May Report

Phishing Education page image

The program is not designed to punish you, but rather to provide good advice on how to avoid becoming a victim in the future.  I.T. may confidentially contact individuals who succumb to more than one simulation to offer one-to-one assistance to help those individuals better spot future phishing attempts.

Each simulation, most of which were patterned after actual phishing emails received at EMU, entices you to click on a link or attachment which asks that you enter your NetID* and password.

If you fall victim to the phishing scam, you are redirected to an education page, which looks like the image shown here, where you are to view a one-minute video on phishing.

For more information about the Phishing Education Program or other phishing related topics, contact Rocky Jenkins at rjenkins@emich.edu.

*formerly my.emich username