Beginning in May 2024, the UMW IT Security Office will begin sending simulated phishing emails to faculty and staff.
Phishing emails are a leading cause of security incidents, and they are difficult to prevent. Sending simulated phishing emails to employees is a commonly used, best-practice method of raising awareness of phishing emails and improving an organization’s overall security posture.
The purpose of the simulated phishing emails is purely educational.
- The simulated phishing emails will be sent randomly to faculty and staff.
- The results of the simulations will not be used to reprimand or embarrass. Users who respond to a simulated phishing email by providing their user ID and password, clicking on a link, or opening an attachment will be notified by the system that the email was a simulation.
- All results are confidential. No managers will have access to the data results of their employees.
- Users who frequently respond to the simulated phishing emails will be offered additional security training by the IT Security Office.
Simulated phishing is a safe and effective way to become familiar with techniques and tactics used in actual phishing emails.
Thank you for your participation and support in keeping UMW’s systems and data secure.
Mike Townes
Director of Information Technology Security/ISO
(540)-654-2152
mtownes@umw.edu