UK ITS Releasing Phishing Simulation
In an era where digital threats loom large and cyberattacks have become increasingly sophisticated, organizations across various sectors are constantly seeking effective methods to fortify their cybersecurity defenses. In the coming weeks, UK students, faculty, and staff will be receiving a fake or simulated phishing attack as part of UK Information Technology Services (UK ITS) efforts to enhance its cybersecurity preparedness. The UK ITS Enterprise Cybersecurity team recognizes the importance of hands-on experience in preparing for potential threats and hopes this exercise will provide students, faculty, and staff with essential skills and knowledge to detect and report phishing attacks.
What can I expect?
This phishing attack simulation replicates various cyberattack scenarios and techniques commonly employed by hackers. Be on the alert of any suspicious emails in your UK inbox just as you normally would.
How do I report a phishing attack?
The easiest and fastest way to report an attack is by hitting the “Report Message” button in Outlook or “Report phishing” in Gmail. More information can be found in How do I report spam and phishing emails? from the Tech Help Center.
What happens if I click a malicious link as part of this simulation?
Students, faculty, and staff who click a potentially malicious link as part of this phishing simulation are in luck. Unlike the real world, they will simply be referred to available training materials on how to detect phishing attacks and other cybersecurity threats. An individual’s results from this phishing simulation will not be shared with any supervisors or managers. If ever an employee clicks a malicious link that is not a part of a simulation exercise, please follow the steps in What should I do if I've fallen victim to a spam or phishing attack?
Where can I learn more about phishing and cybersecurity attacks?
UK ITS has articles and videos available for students, faculty, and staff. on the Cyber Safe Cats website at its.uky.edu/cybersafe. Training is also available for employees in myUK Learning. See How do I access cybersecurity courses in myUK Learning? for more information on how to access those courses. Additionally, there are several courses available on phishing and cybersecurity topics for UK employees via LinkedIn Learning.
Why is this important?
In today's interconnected world, every individual within an organization plays a vital role in maintaining cybersecurity. The evolving nature of cyber threats necessitates continuous improvement and adaptation of security measures. By immersing participants in simulated attack scenarios, they gain valuable insights into the tactics employed by malicious actors. This heightened security awareness extends beyond the university environment, equipping individuals with skills to protect themselves and their personal information online.
By proactively investing in the skill development of its staff and students, the university fortifies its defenses and minimizes the risk of successful cyberattacks. For more information on Enterprise Cybersecurity at the University of Kentucky, visit its.uky.edu/cybersafe.