One of the most serious cyber-security risks facing the campus today comes from phishing email messages. Phishing is the use of email messages in an attempt by hackers and cybercriminals to steal personal information or hijack computing resources for nefarious purposes including fraud and identity theft. When employees and students are tricked into giving up their user name and password, the criminals may gain access to even the most secure system.
To help reduce the chance that this happens, CSU, Chico is about to begin a training program that is intended to help the campus community recognize and ignore email phishing messages.
Did you know:
- More than 3,000 CSU, Chico email accounts have been compromised in the last 6 months due to successful phishing attacks.
- 92% of all breaches start with a successful phishing email.
You may have received a few general phishing emails at home, but did you know the same technique is used by sophisticated criminals to compromise companies and organizations? Everyone with an email address is a potential target for phishing. The campus will continue to make improvements to security technology, but the best defense against these attacks isn’t just technology, its learning how to spot and report phishing.
During this awareness training program, you will receive emails that mimic the phishing emails that target our organization. The purpose of these emails is to give you hands-on experience in what a phishing email looks like. If you suspect an email is a phishing attack you should delete it. Do not click on links or open attachments in a suspicious email. If you do fall prey to one of the simulated phishing attacks, you’ll instantly see that it was just a training exercise, along with some education material about how to improve at identifying phishing.
This is an attempt to help protect student and employee privacy and confidentiality, not to trick you. The results of this campaign will be kept confidential.
Even though our education will be focused on phishing at work, the tips you learn will better protect you at home from having your identity and/or financial account information stolen via phishing.
If you want to get a head start in learning about the various types of phishing attacks, feel free to preview the Phishing Education available at http://www.csuchico.edu/isec/basics/spam-and-phishing.shtml
If you have questions or concerns, please submit a request at support.csuchico.edu or contact IT Support Services.