Phishing Awareness Program

Overview

Silhouette of a man holding a briefcase and a broken chain in the foreground Phishing is the single greatest threat to individual privacy and cybersecurity. In order to increase awareness of the dangers associated with phishing, the University of San Diego partnered with KnowBe4 to implement the USD Phishing Awareness Program in November 2017.

The USD Phishing Awareness Program is a collaboration between the USD community and Information Technology Services to provide the tools and knowledge needed to keep USD safe from cyber crime.  

To do this, ITS conducts periodic simulated phishing campaigns using the KnowBe4 platform.  This platform uses real phishing email templates, stripped of all malicious content, to provide real-world exposure to the most relevant - and malicious - phishing emails on the web.

A recipient who opens a link in a simulated phishing email is redirected to a Red Flags page - this page lays out the specific items that can be used to identify that phishing email.  The Red Flags page allows USD community members to learn how to identify a malicious email without being put at risk.

 

Reasons for Implementation

ITS and USD have implemented this program for the following reasons:

  • Individual users affect the USD community's security

    When a single user at USD is exploited by cyber crime, it impacts the entire university - even the most diligent and secure users.  It is the responsibility of ITS, along with every users at USD, to play our part in keeping the university and our coworkers safe from cyber exploitation.  ITS is committed to providing resources for every single user to ensure that our community is empowered to make wise, secure decisions on the Web.

  • Your Web practices at USD can affect your personal life

    If a user at USD gets compromised on their work account, their personal information - bank account, identity, and other valuable content - is at risk as well.  This initiative’s purpose is to prepare every USD community member with Web practices that will keep them safe - both at work, and at home as well.

 

Program Objectives

The USD Phishing Awareness Program strives for success by achieving two primary, measurable objectives:

  1. Informing the Community: 
    • KnowBe4 constantly uses the newest phishing templates in simulated phishing to prepare the USD community for the newest trends in cyber-exploitation
    • The Red Flag feedback page provides immediate feedback on the components that can be used to identify a phishing email
    • Regular simulated phishing emails help users develop email scrutiny and practice safe cyber security habits - both for professional and personal online life

  2. Gathering Information:
    • Feedback from the KnowBe4 system helps ITS identify the topics, areas, and groups that are at greatest risk for cyber exploitation, and take action to mitigate these risks
    • Feedback from users helps ITS identify effective strategies for helping the community stay safe
    • Overall metrics from the KnowBe4 system help inform USD’s overall cyber security risk level when planning for new technology

ITS would like to thank each and every member of the USD community for your collaboration with us in moving towards a safer and more secure campus.  We cannot complete these objectives without engagement of all employees at USD - your prioritization of your individual security helps yourself, your coworkers, and the whole university to be a safer place for working and learning.

Frequently Asked Questions