CSU, Chico was recently targeted by an email scam that imitated a shipping & receiving notice. ITSS emailed faculty and staff to warn them about this scam in March.

We followed up on this scam in May by creating a PhishMe campaign with similar content:

The PhishMe campaign was sent to ~4,000 campus members. Below are the results of this campaign:

As you can see over 14% of employees were found susceptible to phishing. An alarmingly high number of people opened the file attached to this email. You should never open an attachment that you’re not expecting. If you are unsure of the validity of an email you should check with the sender before opening any attachments or links. Opening a malicious attachment can put you, your computer and files, the university, and university systems at risk.

More information about spam and phishing scams is available at https://www.csuchico.edu/isec/resources/avoid-threats/spam-phishing.shtml.